Security Information and Review

Collection of security information and review

How to Select Type of Firewall

Author : Admin

A firewall is a part of a computer system or network that is designed to block unauthorized people from accessing our resources or infrastructure. In personal use, when we are browsing or surfing, a firewall keeps our internet connection secure by inspecting and then approving or rejecting each connection attempt made between our internal network and the external network. In this case, the firewall creates a bottleneck between the internal network and external networks, because all traffic transiting between them must pass through a single point of control. So, all packets entering or leaving the internal network pass through the firewall, which examines each packet and blocks those that do not meet the specified security criteria.


There are three basic types of function that firewalls perform:

      Packet Filtering. In this function, the firewall looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filters implemented inside firewalls prevent suspicious traffic from reaching the destination network. Acting as a router, the firewall protects all the machines on the destination network from suspicious traffic. Packet filtering is fairly effective and transparent to users, but it is difficult to configure.
      Network Address Translation (NAT). This function allows us to multiplex a single public IP address across an entire network. The hosts protected behind the firewall commonly have addresses in the "private address range", and NAT hides the true addresses of the protected hosts by converting all internal host addresses to the public address of the firewall. Hiding the addresses of protected devices has become an increasingly important defense against network reconnaissance.
      Application Layer Proxy Services. A proxy is a service for a specific application layer protocol, like HTTP or SMTP, that makes connections to the public internet on behalf of internal private clients. Because proxies understand the specific protocol they serve, they are able to detect and block malformed or maliciously modified streams. Application layer proxies allow us to completely disconnect the flow of network layer protocols through our firewall and restrict traffic only to higher level protocols like HTTP, FTP and SMTP.

There are hundreds of firewalls on the market, with different specifications and running on numerous different platforms. With this basic knowledge of firewalls, we hope we can select a firewall that matches our security requirements, though doing so could take quite a bit of time.

See the next article on this site for how to select the best firewall for our organization.



Mohamad Widodo

Categories: Network Security