‘Firewall’

Namrata Dattatray Chavan

1
Zeal Institute Of Business Administration, Computer Application& Research, Pune Survey

No.39, Narhegaon Taluka – Haveli, Maharashtra 411041

namratachavan967@[Link]

Abstract: -
A firewall is a software program or hardware with software program that creates a security perimeter whose
main function is control unauthorized access of incoming and outgoing data or information over a network.
Firewalls protect you from offensive software that may come to reside on your systems or from prying
hackers. When connected to the internet, even a standalone PC or a network of interconnected computers make
easy targets for malicious software & unscrupulous hackers. A firewall can offer the security that makes you
less vulnerable and also protect your data from being compromised or your computers being taken hostage. A
firewall protects the flow of traffic over internet and is less restrictive of outward and inward information and
also provides internal user the illusion of anonymous FTP and www connectivity to internet.

Keywords: Firewall, attacks, gateways, packet filter, intruder, application gateways

Introduction: -

Generally, firewalls are configured to protect against unauthenticated interactive logins from the outside world.
This helps prevent "hackers" from logging into machines on your network. More sophisticated firewalls block
traffic from the outside to the inside, but permit users on the inside to communicate a little more freely with the
outside.
A firewall is one of the most essential and critical devices in modern-day network security. It protects
organizations and enterprises from unauthorized and malicious access and plays a pivotal role in the way we
work with the Internet.
In computing, a firewall is a network security system that monitors and controls incoming and outgoing
network traffic based on predetermined security rules.[1] A firewall typically establishes a barrier between a
trusted network and an untrusted network, such as the Internet.
In network security, the first line of defense that should always be used is a firewall.
Over the past few decades, firewall deployments have advanced and the functionality as well as the features
have increased. Firewalls can now examine individual packets of traffic and test the packets to determine if
they are safe.

Firewall methodologies: -

A firewall is a network security system which monitors and takes actions (permit or deny traffic) on the basis
of policies defined explicitly. It can be performed by a single device, group of devices or by software running
on a single device like server.
Firewall types can be divided into several different categories based on their general structure and method
of operation. Here are eight types of firewalls:
  Packet-filtering firewalls
 Circuit-level gateways
 Stateful inspection firewalls
 Application-level gateways (a.k.a. proxy firewalls)
 Next-gen firewalls
 Software firewalls
 Hardware firewalls
 Cloud firewalls
Note: The last three bullets list methods of delivering firewall functionality, rather than being types of firewall
architectures in and of themselves.

Types of firewall architectures

 Packet-Filtering Firewalls
As the most “basic” and oldest type of firewall architecture, packet-filtering firewalls basically create a
checkpoint at a traffic router or switch. The firewall performs a simple check of the data packets coming
through the router—inspecting information such as the destination and origination IP address, packet type, port
number, and other surface-level information without opening up the packet to inspect its contents.
If the information packet doesn’t pass the inspection, it is dropped.
The good thing about these firewalls is that they aren’t very resource-intensive. This means they don’t have a
huge impact on system performance and are relatively simple. However, they’re also relatively easy to bypass
compared to firewalls with more robust inspection capabilities.

 Circuit-Level Gateways
As another simplistic firewall type that is meant to quickly and easily approve or deny traffic without
consuming significant computing resources, circuit-level gateways work by verifying the transmission control
protocol (TCP) handshake. This TCP handshake check is designed to make sure that the session the packet is
from is legitimate.
While extremely resource-efficient, these firewalls do not check the packet itself. So, if a packet held malware,
but had the right TCP handshake, it would pass right through. This is why circuit-level gateways are not
enough to protect your business by themselves.

 Stateful Inspection Firewalls

These firewalls combine both packet inspection technology and TCP handshake verification to create a level of
protection greater than either of the previous two architectures could provide alone.
However, these firewalls do put more of a strain on computing resources as well. This may slow down the
transfer of legitimate packets compared to the other solutions.

 Proxy Firewalls (Application-Level Gateways/Cloud Firewalls)

Proxy firewalls operate at the application layer to filter incoming traffic between your network and the traffic
source—hence, the name “application-level gateway.” These firewalls are delivered via a cloud-based solution
or another proxy device. Rather than letting traffic connect directly, the proxy firewall first establishes a
connection to the source of the traffic and inspects the incoming data packet.
This check is similar to the stateful inspection firewall in that it looks at both the packet and at the TCP
handshake protocol. However, proxy firewalls may also perform deep-layer packet inspections, checking the
actual contents of the information packet to verify that it contains no malware.
Once the check is complete, and the packet is approved to connect to the destination, the proxy sends it
off. This creates an extra layer of separation between the “client” (the system where the packet originated) and
the individual devices on your network—obscuring them to create additional anonymity and protection for
your network.
If there’s one drawback to proxy firewalls, it’s that they can create significant slowdown because of the extra
steps in the data packet transferal process.

 Next-Generation Firewalls
Many of the most recently-released firewall products are being touted as “next-generation” architectures.
However, there is not as much consensus on what makes a firewall truly next-gen.
Some common features of next-generation firewall architectures include deep-packet inspection (checking
the actual contents of the data packet), TCP handshake checks, and surface-level packet inspection. Next-
generation firewalls may include other technologies as well, such as intrusion prevention systems (IPSs) that
work to automatically stop attacks against your network.

The issue is that there is no one definition of a next-generation firewall, so it’s important to verify what
specific capabilities such firewalls have before investing in one.

 Software Firewalls
Software firewalls include any type of firewall that is installed on a local device rather than a separate piece of
hardware (or a cloud server). The big benefit of a software firewall is that it's highly useful for creating defense
in depth by isolating individual network endpoints from one another.
However, maintaining individual software firewalls on different devices can be difficult and time-
consuming. Furthermore, not every device on a network may be compatible with a single software firewall,
which may mean having to use several different software firewalls to cover every asset.

 Hardware Firewalls
Hardware firewalls use a physical appliance that acts in a manner similar to a traffic router to intercept data
packets and traffic requests before they're connected to the network's servers. Physical appliance-based
firewalls like this excel at perimeter security by making sure malicious traffic from outside the network is
intercepted before the company's network endpoints are exposed to risk.
The major weakness of a hardware-based firewall, however, is that it is often easy for insider attacks to
bypass them. Also, the actual capabilities of a hardware firewall may vary depending on the manufacturer—
some may have a more limited capacity to handle simultaneous connections than others, for example.

 Cloud Firewalls
Hand shows a data cloud with a protective shield for cloud firewall
Whenever a cloud solution is used to deliver a firewall, it can be called a cloud firewall, or firewall-as-a-
service (FaaS). Cloud firewalls are considered synonymous with proxy firewalls by many, since a cloud server
is often used in a proxy firewall setup (though the proxy doesn't necessarily have to be on the cloud, it
frequently is).
The big benefit of having cloud-based firewalls is that they are very easy to scale with your organization.
As your needs grow, you can add additional capacity to the cloud server to filter larger traffic loads. Cloud
firewalls, like hardware firewalls, excel at perimeter security.

Result

A firewall acts as a gatekeeper. It monitors attempts to gain access to your operating system and blocks
unwanted traffic or unrecognized sources.
A firewall acts as a barrier or filter between your computer and another network such as the internet. You
could think of a firewall as a traffic controller. It helps to protect your network and information by managing
your network traffic, blocking unsolicited incoming network traffic, and validating access by assessing
network traffic for anything malicious like hackers and malware.
Your operating system and your security software usually come with a pre-installed firewall. It’s a good idea
to make sure those features are turned on. Also, make sure your security settings are configured to run updates
automatically.
Conclusion

As the Internet becomes more a part of business, firewalls are becoming an important ingredient of an overall
network security policy. We have seen that there are several approaches to integrating a firewall into a network
topology. We've also found that there are many possible criteria upon which decisions are made regarding
whether to implement a firewall, and if so, which one. Generally, performance, feature set (that is, does this
product provide security in the ways that is most needed) and how well the product fits into the current
network infrastructure are the most important issues. The firewall market is still relatively young and there are
an abundance of choices (approximately 40 vendors currently offer products), so it is expected that as the
market matures, the products that are successful are those that excel in these areas.

Reference:
[Link]
[Link]
[Link]
[Link]
[Link]
[Link]

Biographies: -

Miss. Namrata Dattatray Chavan Student pursuing MCA at Zeal Institute of Business
Administration, Computer Application and Research, Pune. I am writing a research paper on ‘Firewall’ under
the guidance of Dr. Babasaheb J. Mohite