
Firewall

A firewall is a piece of software or a hardware device that filters the traffic passing between the Internet and your private network or computer system. It enforces an access control policy between two or more networks with two key functions: to block unwanted traffic and to permit wanted traffic. Working closely with a router, a firewall examines every network packet and decides whether to forward it toward its destination. A firewall is typically placed on a dedicated device at the network boundary, separate from the hosts it protects, so that no incoming request can reach private network resources directly. There are a number of screening methods. A simple one is to check that packets come from acceptable (previously identified) source IP addresses; since a source address can be forged and a domain name can only be matched after a DNS lookup, this check is a weak control on its own and is normally combined with the others described below. For mobile users, firewalls allow remote access into the private network through secure logon procedures and authentication certificates.

Conceptually, there are three types of firewalls:

  • Network layer: make their decisions based on the source and destination addresses, the protocol and the ports in individual IP packets. Network layer firewalls tend to be very fast and very transparent to users, but they see only packet headers, not the application data inside.
  • Application layer: typically are hosts running proxy servers, which permit no traffic directly between the networks and which perform elaborate logging and auditing of the traffic passing through them. Because the proxy understands the application protocol (HTTP, SMTP, and so on), application layer firewalls tend to provide more detailed audit reports and to enforce more conservative security models than network layer firewalls, at the cost of throughput and of needing a proxy for each protocol.
  • Hybrids: most firewalls fall into the "hybrid" category, doing network filtering as well as some amount of application inspection. The amount varies with the vendor, product, protocol and version, so some level of digging and/or testing is often necessary to learn what a given product actually inspects.

Firewalls use one or more of three methods to control traffic flowing in and out of the network:

  • Packet filtering - The header fields of each packet (addresses, protocol, ports and, for TCP, the flags) are checked against an ordered set of filter rules; the first matching rule decides whether the packet is forwarded to its destination or discarded, and a packet matching no rule should be discarded by default. Plain packet filtering is stateless: each packet is judged on its own, so the filter cannot tell an unsolicited inbound packet from the reply to a connection that a host on the inside opened.
  • Proxy service - The firewall terminates the client's connection and opens its own connection to the destination: information from the Internet is retrieved by the firewall and then relayed to the requesting system, and vice versa, so no packet travels directly between the two networks.
  • Stateful inspection - A newer method that does not examine the contents of each packet but instead keeps a state table of the connections it has seen. When a host inside the firewall opens a connection to the outside, the firewall records the flow's defining characteristics (source and destination addresses, ports, protocol and, for TCP, the connection state). An incoming packet is compared against this table: if it belongs to a recorded flow it is allowed through; otherwise it is evaluated against the filter rules and, failing those, discarded.
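The following Python program is an added example and is not code from the original page. It implements a toy network layer firewall to show the difference between stateless packet filtering and stateful inspection: a stateless policy must admit inbound TCP packets that carry the ACK bit so that replies can get back in, and an attacker can set that bit on a forged packet; a stateful policy admits an inbound packet only when it matches a flow that a host on the inside actually opened. The `Packet`, `Rule` and `Firewall` names, the addresses (taken from the documentation ranges) and the traffic are all constructed for this example.

```python
"""Added example: a toy stateless vs. stateful packet filter in pure Python.
Everything here (types, policies, addresses, traffic) is constructed sample data."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    direction: str      # "in" = Internet -> private network, "out" = the reverse
    proto: str          # "tcp" or "udp"
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    flags: str = ""     # TCP flags as letters: "S"=SYN, "A"=ACK, "SA"=SYN+ACK


@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    direction: str                   # "in" or "out"
    proto: str = "any"
    dst_port: Optional[int] = None   # None = any destination port
    flags_required: str = ""         # every listed TCP flag must be set

    def matches(self, p: Packet) -> bool:
        if self.direction != p.direction:
            return False
        if self.proto != "any" and self.proto != p.proto:
            return False
        if self.dst_port is not None and self.dst_port != p.dst_port:
            return False
        if self.flags_required and not all(f in p.flags for f in self.flags_required):
            return False
        return True


FlowKey = Tuple[str, str, int, str, int]   # (proto, src_ip, src_port, dst_ip, dst_port)


def flow_key(p: Packet) -> FlowKey:
    return (p.proto, p.src_ip, p.src_port, p.dst_ip, p.dst_port)


def reply_key(p: Packet) -> FlowKey:
    # The outbound flow that an inbound packet would be a reply to: endpoints swapped.
    return (p.proto, p.dst_ip, p.dst_port, p.src_ip, p.src_port)


class Firewall:
    def __init__(self, rules: List[Rule], stateful: bool):
        self.rules = rules
        self.stateful = stateful
        self.state: Dict[FlowKey, str] = {}   # flows opened from inside -> state

    def filter(self, p: Packet) -> str:
        # Stateful shortcut: an inbound packet that belongs to a flow the inside opened.
        if self.stateful and p.direction == "in" and reply_key(p) in self.state:
            self.state[reply_key(p)] = "established"
            return "allow"
        # Otherwise the first matching rule wins; no match means default deny.
        verdict = "deny"
        for r in self.rules:
            if r.matches(p):
                verdict = r.action
                break
        # Remember permitted outbound flows so that their replies can come back.
        if self.stateful and verdict == "allow" and p.direction == "out":
            self.state.setdefault(flow_key(p), "new")
        return verdict


INSIDE_HOST = "10.0.0.5"        # constructed private address
WEB_SERVER = "198.51.100.20"    # constructed Internet address (TEST-NET-2)
ATTACKER = "203.0.113.9"        # constructed Internet address (TEST-NET-3)


def stateless_policy() -> List[Rule]:
    # Classic stateless filter: let inside hosts out, and let "replies" in by
    # trusting the ACK bit, because the filter cannot know what a reply is.
    return [Rule("allow", "out", "tcp"),
            Rule("allow", "in", "tcp", flags_required="A")]


def stateful_policy() -> List[Rule]:
    # With a state table no "trust the ACK bit" rule is needed at all.
    return [Rule("allow", "out", "tcp")]


def run_scenario(stateful: bool) -> Dict[str, str]:
    fw = Firewall(stateful_policy() if stateful else stateless_policy(), stateful)
    # Constructed traffic: the inside host opens an HTTPS connection, the server
    # replies, then an attacker sends a forged ACK-only packet and a bare SYN.
    syn = Packet("out", "tcp", INSIDE_HOST, 40001, WEB_SERVER, 443, "S")
    syn_ack = Packet("in", "tcp", WEB_SERVER, 443, INSIDE_HOST, 40001, "SA")
    forged = Packet("in", "tcp", ATTACKER, 12345, INSIDE_HOST, 445, "A")
    bare_syn = Packet("in", "tcp", ATTACKER, 12345, INSIDE_HOST, 22, "S")
    return {"client SYN out": fw.filter(syn),
            "server SYN/ACK back": fw.filter(syn_ack),
            "forged ACK to port 445": fw.filter(forged),
            "unsolicited SYN to port 22": fw.filter(bare_syn)}


if __name__ == "__main__":
    for mode in (False, True):
        print("stateful" if mode else "stateless", run_scenario(mode))
```

Both policies let the legitimate SYN out and the SYN/ACK back in and both drop the unsolicited SYN, but only the stateless filter also lets the forged ACK through to port 445, because its "replies" rule has nothing to consult except the bits the attacker chose to set. Real firewalls additionally age entries out of the state table and track the TCP handshake and teardown, which this toy omits.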


Related Terms: Proxy service, Packet filtering