“If you use a computer at home, the most effective and important first step you can take to help protect your computer is to turn on a firewall.” ~ Microsoft
What is a Firewall?
A firewall is an integral part of any device’s security system. Director of the Office of Information Security here at USF Dennis Guillette has worked with firewalls since the 1990’s. His definition of a firewall is “a piece of equipment (or software) that sits on a perimeter of a network, blocking certain traffic that is considered ‘bad’ or ‘insecure’”. The term “firewall” originates from firefighting. A fire wall was a barrier developed to keep flames at bay, and thus keep anything on the other side of the wall safe. A firewall for computing is much the same. It acts as a barrier between networks that can threaten your security, and your network.
Firewalls can be in the form of software or hardware.
Notice that Dennis mentions that a firewall can be either a piece of software or hardware. It’s important to note that you can have either form of firewall, but it’s ideal to have both. Another important thing to note is that a firewall alone is not going to be all the protection you need to prevent security breaches. Dennis has the following advice for anyone wanting to invest in firewall protection:
“A good firewall is a part of any good security infrastructure. It is important not to become too dependent, or your network becomes a “skittle” network: Crunchy and secure on the outside and chewy and vulnerable on the inside.”
What Does a Firewall Do?
In order to protect your device from unsecured networks, firewalls generate a list of trusted networks. If a network is not on that list, the firewall will put its defenses up. You can program trusted and distrusted networks into its settings, so you do have control over what your firewall filters out and what it protects you from.
The definition and base function of firewalls have changed over time, though. Dennis Guillette has seen them go from purely preventative protection, to defensive software that can live in the cloud.
“When I started working with firewalls in the 1990’s, they were pieces of network equipment that blocked certain kinds of traffic and that’s all (these are now known as packet firewalls). These days, firewalls not only block certain software but act as other kinds of network security devices such as VPN (virtual private network), IDS (intrusion detection system), IPS (intrusion prevention system), NAT (network address translation), and sometimes wireless access. The idea of a what a firewall actually is has blurred as most commercial offerings do lots of things.”
Types of Firewalls
Some types of firewalls use intelligent data analysis to determine what is secure and what is not.
Because they’ve been around for quite some time and have had time to evolve, there are quite a few types of firewalls. Dennis Guillette mentioned above that what were once the only form of firewalls are now referred to as Packet Firewalls. “Everything you do on the Internet involves packets. For example, every web page that you receive (i.e. visit) comes as a series of packets, and every e-mail you send leaves as a series of packets. The network breaks an e-mail message into parts of a certain size, in bytes. These are the packets. Each packet carries the information that will help it get to its destination,” (HowStuffWorks).
Packet firewalls work on your device to examine those “packets” or strings of data that are requested and sent by your computer. Packet filtering by firewalls allows only those packets that are listed as trusted within the firewall filtering system to be accessed.
Stateful Inspection Firewalls are much like packet filtering ones in that they also examine packets in order to determine if they are secure or not. However, instead of examining those packets on merely a network level, stateful inspections use intelligent processing to determine if a packet is secure or not. That means that these firewalls will track a packet’s progress from beginning to end, and use multiple factors to analyze and determine how secure or insecure they are from a variety of angles.
Another type of firewall are the Proxy Firewalls. These are considered the most secure types of firewall, but they can mean a slower connection and limited functionality for your device. The implementation of proxies for the protection of your network adds an extra layer of cushion between your network and outside threats. Bullguard Security explains that in these firewalls, “The proxy acts as an intermediary – computers make a connection to the proxy which then initiates a new network connection based on the request”. So, it’s going to be harder for intruders to connect directly to your network, breach your secure information, and access your IP address. The reason these are so much more secure than other types of firewalls is because the proxy is the only thing that interacts with any external servers. Your network does not come in contact with anything except the proxy.