# What is a Firewall?
Firewalls are a key component of a secure network. At a basic level, a firewall serves as a “filter” between a network and the Internet or other external networks. Just like an air or water filter keeps unsafe particles from polluting an environment, a firewall keeps potentially malicious activity from entering or exiting a network. In an environment with several devices connecting to the Internet, a firewall should be placed at every Internet connection.

When configuring a firewall for a network, the administrator sets a variety of *rules*, or policies that determine what traffic should be permitted into or blocked from the network. There are multiple ways that firewall rules can help filter traffic; the three most common are packet filtering firewalls, application-level firewalls, and stateful inspection firewalls. Other types of firewalls include unified threat management firewalls, next-generation firewalls, and virtual firewalls.
## Packet Filtering Firewalls
*Packet filtering* involves checking incoming traffic against a series of filters. This traffic enters the network as a collection of packets, or segments of data. Based on the filtering rules, acceptable packets will be permitted to enter the system, and all other packets will be rejected.
## Application-Level Firewalls
In a *proxy service* configuration, the firewall acts as an intermediary between a client and the Internet. The firewall requests and retrieves the information from the Internet and processes it before it enters the protected network. This places the majority of the risk on the remote proxy device, rather than the device inside the network.
## Stateful Inspection Firewalls
*Stateful inspection* is an up-and-coming innovation in firewall technology. It builds upon the concept of packet filtering in hopes of making it more efficient. Rather than checking the entire packet contents, the firewall inspects only specific parts of a packet against a collection of trusted data. Stateful inspection also monitors outgoing traffic, or information moving from the network to the Internet. The dynamic nature of stateful firewalls allows certain filtering rules to be changed or ignored in specific circumstances.
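
The following sketch is an added example, not code from the original page. It contrasts the packet filtering described earlier (first matching rule decides, everything else is rejected) with stateful inspection, where a flow recorded from outgoing traffic lets its reply back in even though no inbound rule allows it. The class names, addresses, and the allow-all outbound policy are assumptions made for illustration; real stateful firewalls also track protocol state and timeouts.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

@dataclass(frozen=True)
class Rule:
    action: str              # "allow" or "deny"
    src_net: str             # CIDR the source address must fall in
    dport: Optional[int]     # None matches any destination port
    proto: str = "tcp"
    def matches(self, p: Packet) -> bool:
        return (p.proto == self.proto
                and ip_address(p.src) in ip_network(self.src_net)
                and self.dport in (None, p.dport))

class Firewall:
    def __init__(self, inbound_rules, stateful=False):
        self.rules, self.stateful = list(inbound_rules), stateful
        self.flows = set()   # flows opened from inside (stateful mode only)
    def outbound(self, p: Packet) -> str:
        if self.stateful:    # remember the flow so its reply can be recognised
            self.flows.add((p.proto, p.src, p.sport, p.dst, p.dport))
        return "allow"       # assumption: this sketch permits all outbound traffic

    def inbound(self, p: Packet) -> str:
        # A reply is a recorded flow with source and destination swapped.
        if self.stateful and (p.proto, p.dst, p.dport, p.src, p.sport) in self.flows:
            return "allow"
        for rule in self.rules:          # first matching rule decides
            if rule.matches(p):
                return rule.action
        return "deny"                    # everything else is rejected

def demo():
    rules = [Rule("allow", "0.0.0.0/0", 443)]   # constructed policy: HTTPS in
    query = Packet("192.168.1.20", 40000, "198.51.100.5", 53, "udp")
    reply = Packet("198.51.100.5", 53, "192.168.1.20", 40000, "udp")
    out = {}
    for name, fw in (("stateless", Firewall(rules)), ("stateful", Firewall(rules, True))):
        fw.outbound(query)
        out[name] = fw.inbound(reply)
    return out
```

With the same rule set, `demo()` shows the stateless filter rejecting the DNS reply while the stateful one admits it; an unsolicited packet from any other host to the same port is still rejected.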
## Why do we Use Firewalls?
Network security is a key component of overall device security. Since a network is a series of interconnected devices, it is clear that if even one device is at risk, all of the devices on the network are in jeopardy as well. A firewall makes it more difficult for external attackers to inject malware into a system remotely. Additionally, having a secure firewall will prevent insider threats from communicating with external actors or performing rogue actions on a system. The risk of not using a firewall can be astronomical.

Fortunately, there are a wide variety of solutions to network security provided by firewalls. As discussed in the above section, there are many types of firewalls, each with its own strengths and weaknesses. Everyone, from security directors to casual at-home computer users, can find and set up a firewall to fit their needs.
# Proper Firewall Configuration and Common Misconfigurations
## Best Practices for Firewall Configuration
## Common Firewall Vulnerabilities