Introduction of Firewall in Computer Network

A firewall is a network security system, available as hardware or software, that monitors and controls incoming and outgoing traffic based on predefined rules. It acts like a security guard, filtering data packets to either:

• Accept: Allow the traffic.
• Reject: Block with an error response.
• Drop: Block silently without response.

Importance of Firewalls

A firewall is the first line of defense in cybersecurity, acting as a security barrier between internal systems and external networks. It forces all traffic through a single checkpoint, where data packets are monitored, filtered, and either allowed or blocked based on predefined rules. Firewalls are essential because they:

• Prevent Unauthorized Access: Like a locked door with a guard, only trusted users and traffic are allowed through.
• Block Malicious Traffic: Harmful data such as viruses, phishing attempts, or denial-of-service (DoS) attacks are stopped before reaching the system.
• Protect Sensitive Information: Safeguards personal and business data from theft or accidental leaks.
• Control Network Usage: Enforces policies such as parental controls, workplace restrictions, or government filtering.
• Mitigate Insider Risks: Detects suspicious applications or data exfiltration attempts from within the network.

By combining prevention, monitoring, and control, firewalls provide customizable and comprehensive protection against both external and internal threats.

Working of Firewall

A firewall inspects all incoming and outgoing traffic and decide whether to allow or block it.

1. All data packets entering or leaving the network must first pass through the firewall.
2. The firewall examines each packet against predefined security rules set by the organization.
3. If the packet matches safe rules, it is allowed; if it is suspicious, blacklisted, or contains malicious content, it is blocked.
4. Blocked or unusual traffic is recorded in logs, and real-time alerts may be generated for serious threats.
5. Since it is not possible to define every rule, the firewall applies a default policy (accept, reject, or drop). Setting the default policy to drop or reject is considered best practice to prevent unauthorized access.

Default Policy: A firewall needs a default action (accept, reject, or drop) for traffic not covered by rules. For example, if no rule exists for SSH, the default applies. To prevent unauthorized access, it is best set to drop or reject.

Types of Firewall

Firewalls can be categorized based on their generation.

1) Network Placement

• Packet Filtering Firewall
• Stateful Inspection Firewall
• Proxy Firewall (Application Level)
• Circuit-Level Gateway
• Web Application Firewall (WAF)
• Next-Generation Firewall (NGFW)

2) Systems Protected

• Network Firewall
• Host-Based Firewall

3) Data Filtering Method

• Perimeter Firewall
• Internal Firewall
• Distributed Firewall

4) Form Factors

• Hardware Firewall
• Software Firewall

History of Firewalls

Firewalls evolved from simple packet filtering to advanced, user-friendly security systems used worldwide.

• Late 1980s: Jeff Mogul, Brian Reid, and Paul Vixie at Digital Equipment Corp (DEC) developed packet-filtering technology, laying the groundwork for firewalls by checking external connections before they reached internal networks.
• Late 1980s - Early 1990s: AT&T Bell Labs researchers, including Presotto, Sharma, and Nigam, developed the circuit-level gateway, a firewall that vetted ongoing connections without reauthorizing each data packet, paving the way for more efficient security.
• 1991-1992: Marcus Ranum introduced security proxies at DEC, leading to the creation of the Secure External Access Link (SEAL), the first commercially available application-layer firewall, based on earlier DEC work.
• 1993-1994: At Check Point, Gil Shwed pioneered stateful inspection technology, filing a patent in 1993. Nir Zuk developed a graphical interface for Firewall-1, making firewalls accessible and widely adopted by businesses and homes.

Firewall in Computer Network

Visit Course