In network security today, a firewall may be software or hardware that forms a barrier between our internal network and an untrusted external network. You can look at the firewall as a set of related programs that enforce an access control policy between two or more networks.
The name “firewall” is a strange one: it was originally used to describe the segment that separated the engine compartment from the interior of an automobile. In the networking world, the firewall is the first line of defense and the technology that allows us to segment the network into physically separate subnetworks.
In this way it helps us limit the risk of compromising the entire network in case of a security attack. This is much like how the original firewalls worked to limit the spread of a fire.
- One mechanism blocks traffic.
- The second mechanism permits traffic.
A firewall is a set of programs located at a network gateway that protects the resources of a private network from users on other networks. These are basic firewall services:
- Static packet filtering
- Circuit-level firewalls
- Proxy server
- Application server
A firewall works like a guard, either blocking traffic or permitting it based on the Layer 4 port number. Modern firewall designs are much more complex and are developing the ability to block or permit traffic by reading the Application layer data.
If you are hosting a service for use over the network, firewalls can be used to manage public access to private network resources or they can log all attempts to enter the private network, and some can trigger alarms.
Firewalls filter packets based on a variety of parameters, such as their source or destination address and port number. Network traffic can also be filtered based on the protocol used (HTTP, FTP, or Telnet). The result is that the traffic is either forwarded or rejected. Firewalls can also use packet attributes or state to filter traffic.