Firewall
A firewall is a hardware or software barrier that controls access to a network. Its role is to ensure that all communications between the network and the Internet, in both directions, conform to the criteria set by the organization's security policy. The protected network may be a company's local area network, a wider area network, or a service provider's network holding confidential files to which only authorized users may be admitted.
The purpose of a firewall is to protect a network from unwanted or hostile intrusion. To accomplish this task, a firewall functions as a gateway between the internal private network and the unregulated public network.
The name arose because firewalls work by segmenting a network into several subnetworks so as to limit damage that would otherwise spread unhindered through the whole network; by analogy with the fire doors and firewalls in buildings, the term was apt. The earliest firewalls were routers, whose basic function is to direct packets to their destination. Firewalls are still typically placed at the routing point between the private network and the outside world, but over time they have grown far more sophisticated in capability and performance.
A firewall operates by examining all traffic routed between the private and public networks. If a packet meets the configured criteria, it is allowed to pass; if it does not, it is dropped. Many firewalls also log every attempt to enter the private network and can raise an alarm when a hostile or unauthorized entry is attempted. The typical criteria used to evaluate incoming or outgoing traffic are the source or destination address (address filtering) and whether the traffic belongs to a particular protocol such as HTTP, FTP or Telnet (protocol filtering). In practice protocol filtering is judged from the transport protocol and port number, since by convention TCP port 80 carries HTTP, port 21 FTP and port 23 Telnet; a packet filter does not inspect the application data itself to confirm this.
There are several security problems a firewall cannot address. It cannot prevent a user with their own modem from dialing into or out of the network, or more generally protect any path that bypasses it, and it cannot stop careless or malicious conduct by users who are already inside.
The access-control policy of a firewall can be set up in one of two opposite ways. All traffic can be permitted unless it matches an explicit deny criterion (default allow). Or, which is the usual default, all traffic can be denied unless it satisfies an explicit accept criterion (default deny). Default deny is safer because anything the administrator forgot to write a rule for is refused rather than admitted.
The criteria available depend on the network layer at which the firewall operates. Network architecture is described by two layered models: the seven-layer OSI model and the TCP/IP model, which is usually presented with four or five layers. The OSI layers, one through seven, are Physical, Data Link, Network, Transport, Session, Presentation, and Application. The five-layer form of the TCP/IP model comprises Physical, Data Link, Internet (the Internet Protocol, IP), Transport (the Transmission Control Protocol, TCP, together with the User Datagram Protocol, UDP), and Application. The lowest layer at which a firewall can usefully operate is layer three, the layer in both models concerned with routing packets to their destination. A firewall working purely at layer three judges whether a packet comes from a trusted source address, but not what the packet contains or which other packets it belongs with; most packet filters also read the layer-four header so that they can filter on port number. At the application layer, a firewall can be far more selective about what it permits, because it understands the protocol being carried.
There are four broad categories of firewall: packet filters, circuit-level gateways, application-level gateways, and stateful multilayer inspection firewalls. Choosing between them depends on factors such as the security level required, purchase cost, and the technical competence of whoever administers the system. The enhanced security and the ability to monitor user activity and logins that an application-level gateway provides come at the price of reduced network performance. The most versatile and potentially most secure type, the stateful multilayer inspection firewall, is expensive and can be breached if it is not maintained by a technically competent administrator.
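The address and protocol filtering, the two default policies, and the stateful inspection described in the preceding paragraphs, as an added Python illustration that is not part of the original article. The private network 10.0.0.0/24, its web server 10.0.0.5, the rule sets and every packet below are constructed sample data, and the simulator is deliberately simplified (first-match rules, no TCP teardown or connection timeouts):

```python
"""Packet-filter simulator: address and protocol filtering, default-deny versus
default-allow, logging of refused attempts, and a stateful connection table.
Added illustration, not the article's code; all data below is constructed."""
import ipaddress
from dataclasses import dataclass, field
from typing import Optional


@dataclass(frozen=True)
class Packet:
    direction: str          # "in" = public to private, "out" = private to public
    src: str
    dst: str
    proto: str              # "tcp", "udp" or "icmp"
    sport: int = 0          # 0 when the protocol has no ports
    dport: int = 0
    syn: bool = False       # True only for the TCP segment that opens a connection


@dataclass(frozen=True)
class Rule:
    # First-match rule: src/dst networks give address filtering; proto and dport
    # give protocol filtering (HTTP is tcp/80, FTP tcp/21, Telnet tcp/23).
    action: str             # "allow" or "deny"
    direction: str = "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: str = "any"
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return (self.direction in ("any", p.direction)
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and (self.dport is None or self.dport == p.dport))


@dataclass
class Firewall:
    rules: list
    default: str = "deny"   # verdict when no rule matches
    stateful: bool = False  # True: remember connections opened from inside
    log: list = field(default_factory=list)
    conns: set = field(default_factory=set)  # (proto, in_ip, in_port, out_ip, out_port)

    def decide(self, p: Packet) -> str:
        # Stateful shortcut: replies to a connection the inside opened are admitted
        # even though no inbound rule mentions the client's ephemeral port.
        if (self.stateful and p.direction == "in"
                and (p.proto, p.dst, p.dport, p.src, p.sport) in self.conns):
            return "allow"
        verdict = self.default
        for r in self.rules:
            if r.matches(p):
                verdict = r.action
                break
        if (verdict == "allow" and self.stateful and p.direction == "out"
                and (p.proto != "tcp" or p.syn)):
            self.conns.add((p.proto, p.src, p.sport, p.dst, p.dport))
        if verdict == "deny":   # every refused attempt is logged
            self.log.append(f"DENY {p.direction} {p.proto} {p.src}:{p.sport} -> {p.dst}:{p.dport}")
        return verdict


INSIDE = "10.0.0.0/24"      # constructed private network; 10.0.0.5 is its web server


def default_deny(stateful: bool = True) -> Firewall:
    """Only HTTP to the web server and outbound traffic from inside are permitted."""
    return Firewall(rules=[
        Rule("allow", direction="in", dst="10.0.0.5/32", proto="tcp", dport=80),
        Rule("allow", direction="out", src=INSIDE),
    ], default="deny", stateful=stateful)


def default_allow() -> Firewall:
    """Opposite policy: everything passes except an explicit deny for Telnet."""
    return Firewall(rules=[Rule("deny", direction="in", proto="tcp", dport=23)],
                    default="allow")


def run_demo() -> dict:
    """Runs constructed packets through the three configurations and returns the verdicts."""
    web = Packet("in", "203.0.113.7", "10.0.0.5", "tcp", 40000, 80, syn=True)
    telnet = Packet("in", "203.0.113.7", "10.0.0.5", "tcp", 40001, 23, syn=True)
    rdp = Packet("in", "203.0.113.7", "10.0.0.5", "tcp", 40002, 3389, syn=True)
    out_syn = Packet("out", "10.0.0.9", "198.51.100.4", "tcp", 51000, 443, syn=True)
    reply = Packet("in", "198.51.100.4", "10.0.0.9", "tcp", 443, 51000)
    unsolicited = Packet("in", "198.51.100.4", "10.0.0.9", "tcp", 443, 51001, syn=True)
    sf, sl, da = default_deny(True), default_deny(False), default_allow()
    sl.decide(out_syn)      # the stateless filter passes the SYN but keeps no record of it
    return {
        "web": sf.decide(web),                       # allow: explicit rule
        "telnet": sf.decide(telnet),                 # deny: no rule, default-deny
        "out_syn": sf.decide(out_syn),               # allow: outbound rule, connection recorded
        "reply_stateful": sf.decide(reply),          # allow: matches the recorded connection
        "unsolicited_stateful": sf.decide(unsolicited),  # deny: nothing inside asked for it
        "reply_stateless": sl.decide(reply),         # deny: same rules, no state to consult
        "default_allow_telnet": da.decide(telnet),   # deny: the one explicit rule
        "default_allow_rdp": da.decide(rdp),         # allow: nobody wrote a rule for RDP
        "denied_and_logged": len(sf.log),            # 2 entries (telnet, unsolicited)
    }
```

Call `run_demo()` to see the verdicts. Two results are worth noticing. The default-allow configuration lets RDP through simply because nobody wrote a rule against it, which is why default deny is the usual choice. And the stateless filter, with exactly the same rules, refuses the reply to a connection the inside opened: admitting it statelessly would require an inbound allow rule covering every ephemeral client port, a hole that the stateful connection table avoids.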
Firewalls do have the disadvantage of creating a bottleneck in the flow of information, because all traffic must pass through a single gateway. The compensation is the enhanced security provided to the private network.