Most of us are familiar with the term ‘firewall’, but few of us know where it comes from. It originally described the part of an automobile that separated the interior from the engine compartment. In networking, the term is used metaphorically for the way internal networks are separated from the hazards of the outside world. Firewalls divide a network into separate physical networks, which contains potential damage that could otherwise spread to other subnets.
This works in the same way as the original firewalls worked to stop a fire from spreading.
In network security, a firewall is a piece of hardware or software that serves as a barrier between the trusted internal network and the untrusted external network, i.e. the Internet. In practice, a firewall is a set of related programs designed to enforce an access control policy between two or more networks.
Firewall design rests on a paired mechanism that serves two main functions.
- One part of the mechanism permits traffic.
- The second part of the mechanism blocks traffic.
A firewall, as a set of related programs, sits at a network gateway server, and its purpose is to protect the private network's resources from users on other networks. The basic firewall services can be provided in several ways:
- Static packet filtering
- Circuit-level firewalls
- Proxy server
- Application server
Whether you place more emphasis on blocking traffic or on allowing it depends on your circumstances; modern firewall designs try to balance both functions. Before deploying a particular firewall solution, it is important to define an access control policy. Once the firewall is deployed, access from your network to others passes through the firewall. Firewall designs range from a single firewall for a small network to multiple firewalls for a large network, protecting a number of network segments.
For example, if you host an application for use over a network, a firewall can manage public access to the private network's resources. Firewalls can monitor all attempts to enter a private network, and some can even raise alarms on unauthorized entry.
Firewalls filter traffic on parameters such as a packet's source address and its port number. The protocol in use (FTP, HTTP or Telnet) is another basis for filtering. As a result, the traffic is either allowed or rejected. In other words, firewalls filter traffic on packet attributes.
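A static packet filter of the kind described above, as an added example that is not part of the original article: rules match on source network, protocol and destination port, the first matching rule decides, and unmatched traffic is rejected. The policy, addresses and function names are constructed for illustration; the second function checks for rules that can never fire because of rule order.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Well-known ports for the protocols the article names.
SERVICES = {"ftp": 21, "telnet": 23, "http": 80}

@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "reject"
    src: str                      # source network in CIDR form
    proto: str                    # "tcp", "udp" or "any"
    dport: Optional[int] = None   # destination port; None means any port

    def matches(self, src_ip, proto, dport):
        in_net = ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
        return in_net and self.proto in ("any", proto) and self.dport in (None, dport)

# Constructed access control policy (documentation address ranges).
POLICY = [
    Rule("reject", "0.0.0.0/0", "tcp", SERVICES["telnet"]),  # no Telnet from anywhere
    Rule("allow", "0.0.0.0/0", "tcp", SERVICES["http"]),     # public web application
    Rule("allow", "192.0.2.0/24", "tcp", SERVICES["ftp"]),   # FTP from one partner network
]

def decide(src_ip, proto, dport, policy=POLICY):
    """Return the action of the first matching rule; reject if none match."""
    for rule in policy:
        if rule.matches(src_ip, proto, dport):
            return rule.action
    return "reject"  # default deny

def shadowed_rules(policy):
    """Indexes of rules that never fire because an earlier rule covers them."""
    hits = []
    for i, later in enumerate(policy):
        later_net = ipaddress.ip_network(later.src)
        for earlier in policy[:i]:
            if (later_net.subnet_of(ipaddress.ip_network(earlier.src))
                    and earlier.proto in ("any", later.proto)
                    and earlier.dport in (None, later.dport)):
                hits.append(i)
                break
    return hits

if __name__ == "__main__":
    for pkt in [("203.0.113.7", "tcp", 80), ("203.0.113.7", "tcp", 21),
                ("192.0.2.10", "tcp", 21), ("192.0.2.10", "tcp", 23)]:
        print(pkt, "->", decide(*pkt))
```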