Wednesday, February 21, 2024 9:08 PM

A firewall is a network security device, either hardware or software-based, which monitors all incoming
and outgoing traffic and based on a defined set of security rules it accepts, rejects or drops that specific
traffic. Accept : allow the traffic Reject : block the traffic but reply with an “unreachable error” Drop :
block the traffic with no reply A firewall establishes a barrier between secured internal networks and
outside untrusted network, such as the Internet.

Firewall match the network traffic against the rule set defined in its table. Once the rule is matched,
associate action is applied to the network traffic.

Next Generation Firewalls (NGFW): Next Generation Firewalls are being deployed these days to stop
modern security breaches like advance malware attacks and application-layer attacks. NGFW consists of
Deep Packet Inspection, Application Inspection, SSL/SSH inspection and many functionalities to protect
the network from these modern threats.

Types of Firewall

Firewalls are generally of two types: Host-based and Network-based.

Host- based Firewalls : Host-based firewall is installed on each network node which controls each
incoming and outgoing packet. It is a software application or suite of applications, comes as a part of the
operating system. Host-based firewalls are needed because network firewalls cannot provide protection
inside a trusted network. Host firewall protects each host from attacks and unauthorized access.

Network-based Firewalls : Network firewall function on network level. In other words, these firewalls
filter all incoming and outgoing traffic across the network. It protects the internal network by filtering
the traffic using rules defined on the firewall. A Network firewall might have two or more network
interface cards (NICs). A network-based firewall is usually a dedicated system with proprietary software
installed.

Advantages of using Firewall

Protection from unauthorized access: Firewalls can be set up to restrict incoming traffic from particular
IP addresses or networks, preventing hackers or other malicious actors from easily accessing a network
or system. Protection from unwanted access.

Prevention of malware and other threats: Malware and other threat prevention: Firewalls can be set up
to block traffic linked to known malware or other security concerns, assisting in the defense against
these kinds of attacks.

Control of network access: By limiting access to specified individuals or groups for particular servers or
applications, firewalls can be used to restrict access to particular network resources or services.

Monitoring of network activity: Firewalls can be set up to record and keep track of all network activity.
This information is essential for identifying and looking into security problems and other kinds of shady
behavior.

Regulation compliance: Many industries are bound by rules that demand the usage of firewalls or other
security measures. Organizations can comply with these rules and prevent any fines or penalties by
using a firewall.

Network segmentation: By using firewalls to split up a bigger network into smaller subnets, the attack
surface is reduced and the security level is raised.