The Curious Case of Firewalls

If you are hearing about the term firewall for the first time, and consider it as a wall on fire, you are at the right place. Because that is the overall idea behind this!!!

Firewall is one of the most used terms in the field of information security. A lot of people think that deploying this wall of fire will solve all of their problems. Is that so? What is it that a firewall does? Does it come in all shapes and forms? What is actually a firewall? Can I use a virtual firewall?  And many more… All your queries will be solved in this multi-part series on the firewalls.

A firewall is used to restrict access to one network from another network. You can think of it as a fence which you implement to keep those pestering pedestrians at bay. The firewall can also help you segregate one network within the overall network from another network. It’s like a door which helps to separate various rooms. For example, if the security administrator wants to make sure employees cannot access the HR network, he would place a firewall between this network and all other networks and configure the firewall to allow only the type of traffic he deems acceptable.

When you send information from one system to another, it flows in the form of information packets. These packets are just like letters which you post to each other containing the information which you want to send across, address information, postal ticket, etc. A postman can segregate the various
postal letters based on the address information mentioned. Firewalls act as a filter which helps segregate the packets which will flow into a particular network. A firewall may be a server running a firewall software product or a specialized hardware appliance. It monitors packets coming into and out of the network it is protecting. It can discard packets, repackage them, or redirect them, depending upon the firewall configuration. Packets are filtered based on their source and destination addresses, and ports by service, packet type, protocol type, header information, sequence bits, and much more.

Firewalls are more advanced than the postman. They can filter on various aspects which we will learn in the next part. The types of firewall which we will learn about are:

• Packet filtering
• Stateful
• Proxy
• Dynamic packet filtering
• Kernel proxy

There is another important term to learn about which is quite frequently used when firewalls are being implemented. This is the demilitarized zone or DMZ. This zone is a safe zone which a company creates to protect its certain assets from the dangerous internet yet using the benefits of the internet. It’s like sending your kid to a party but with a bodyguard which ensures that he doesn’t do bad things.

The following diagram helps us understand the most common implementation of the DMZ.  Here we use two firewalls to keep the internet facing devices such as email servers, DNS, web servers, etc. protected from the internet and the next one ensures that even if someone is able to penetrate the first firewall and hack the email server, he is not able to get his hands on the internal servers and information.



In the next blog post, we will learn about the various types of firewalls. In the meantime, feel free to post your questions in the comments section below.

Comments

Gaurav Kudaisya said…
What is stateless firewall ?
Mayur Pahwa said…
Stateless firewall is another name for packet filtering firewall. Such firewalls do not understand the state of the port or service being run. They check only on the basis of individual packets received.

You may also like to read...

How to Pass the CISSP Exam in First Attempt

The CISSP CAT Exam Experience

How to Pass SSCP Exam in the First Attempt