Monday, March 18, 2024














Audience: Newbies - Self Learners
Last Updated: 6/6/2011 11:36:07 PM
**All times are EST**





Firewalls

By Erik Rodriguez

Tags: types of firewalls, NAT firewall, Juniper Netscreen, firewall security, firewall configuration

This article contains information about different types of firewalls, their operation, and implementation.

What is a Firewall?

A firewall is a system designed to prevent unauthorized access to or from a private network. Firewalls are now widely used because of the vast number of broadband connections in use. They provide a first line of defense for your computer or network. If it succeeds in keeping the bad guys out, while still letting you happily use your network, it's a good firewall¹. Every corporate network has at least one firewall in use. Firewalls come in all shapes and sizes. Most computers are shipped from the factory with some type of firewall software or may use the default firewall built into Windows XP.

Types of Firewalls

There are two main types of firewalls: hardware and software. High-end hardware firewalls are very expensive and are not practical for the home user. However, low-end routers that perform NAT act as a hardware firewall. Cheaper broadband routers from vendors such as Linksys, Belkin, D-Link, etc. provide this functionality. In a corporate environment, expensive devices like the Cisco ASA and Juniper SSG are commonly used hardware solutions. Hardware firewalls allow for more complex configurations and often incorporate things like VPNs and advanced security features.

Software firewalls are practical for home users because they are nothing more than a program that runs with your operating system. These programs are usually inexpensive, free, or come built into the operating system. There are many different types of firewalls available with many different options.


Hardware vs. Software

Generally speaking, hardware firewalls perform better than software firewalls for several reasons. First, a hardware firewall is "dedicated" to inspecting traffic. Unlike a software firewall, it does not compete for CPU time or RAM. The main downsides of a hardware solution are cost and configuration. High-end devices like Cisco's PIX firewall can be tricky to configure. Software firewalls are easy to install and generally easy to configure. If you are on a network with other clients that you do not know, such as a dorm or apartment with shared Internet access, a software firewall is a must! Remember that if your router performs NAT, it only protects you from Internet traffic. You are still vulnerable to attacks from within your LAN. Hackers often target routers to gain access to other devices or machines on a network.


Examples


Let us say Susan has a DSL connection at home. From there she does her banking, stock trading, and other private communication. A firewall is important because it would block connection attempts by a hacker. If a hacker has Susan's IP address, he can establish a remote connection. If a successful connection is made, it is possible for that hacker to intercept passwords or other data that endangers Susan's online identity. Are you wondering if a firewall is for you? I'd say "Better Safe Than Sorry." You wouldn't want to own a store in a dangerous neighborhood without a burglar alarm. Below are diagrams of how firewalls can be deployed in a network:

Simple NAT Firewall



The diagram above illustrates the firewall protection provided by NAT. While 3 machines are attached to the router, the Internet/WAN link thinks only 1 device is present. This protects all 3 machines by limiting access to IP addresses and ports from the Internet/WAN connection. For more details on this see the article on NAT.
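The NAT behaviour described above, and the earlier caveat that NAT does nothing for traffic inside the LAN, can be seen in a small model. This is an added example, not code from the original article; the addresses, ports and the `NatRouter` class are constructed for illustration, and it assumes a router that only accepts replies from the remote endpoint a LAN host contacted (real routers differ in how strictly they filter).

```python
"""Toy model of a home router performing NAT (port address translation)."""
from dataclasses import dataclass, field

WAN_IP = "203.0.113.10"  # constructed public address (documentation range)

@dataclass
class NatRouter:
    wan_ip: str = WAN_IP
    next_port: int = 40000
    # public port -> (private ip, private port, remote ip, remote port)
    table: dict = field(default_factory=dict)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """A LAN host opens a connection: allocate a public port, record the mapping."""
        pub = self.next_port
        self.next_port += 1
        self.table[pub] = (src_ip, src_port, dst_ip, dst_port)
        return (self.wan_ip, pub)  # the source address the Internet sees

    def inbound(self, src_ip, src_port, dst_port):
        """A packet arrives on the WAN side: forward only if it answers a mapping."""
        entry = self.table.get(dst_port)
        if entry is None:
            return None  # unsolicited: no mapping exists, packet is dropped
        priv_ip, priv_port, remote_ip, remote_port = entry
        if (src_ip, src_port) != (remote_ip, remote_port):
            return None  # port is mapped, but not for this remote endpoint
        return (priv_ip, priv_port)

def lan_to_lan_passes_router(src_ip, dst_ip, lan_prefix="192.168.1."):
    """Traffic between two LAN hosts is delivered locally and never reaches the NAT."""
    return not (src_ip.startswith(lan_prefix) and dst_ip.startswith(lan_prefix))

def demo():
    r = NatRouter()
    # Three LAN machines contact the same web server; collect the source IPs seen.
    seen = {r.outbound(f"192.168.1.{h}", 50000, "198.51.100.7", 443)[0]
            for h in (2, 3, 4)}
    reply = r.inbound("198.51.100.7", 443, 40000)   # answer to the first machine
    probe = r.inbound("192.0.2.66", 31337, 3389)    # unsolicited connection attempt
    stray = r.inbound("192.0.2.66", 443, 40000)     # mapped port, wrong remote host
    lateral = lan_to_lan_passes_router("192.168.1.3", "192.168.1.2")
    return seen, reply, probe, stray, lateral

if __name__ == "__main__":
    print(demo())
```

The last value is the reason a software firewall is still needed on a shared LAN: a neighbour at 192.168.1.3 reaches 192.168.1.2 without the packet ever being checked against the NAT table.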





¹ Zwicky, Elizabeth; Cooper, Simon; Chapman, Derek. Building Internet Firewalls. Sebastopol, CA: O'Reilly, 2000.






Copyright © 2002-2016 Skullbox.Net All Rights Reserved.
A division of Orlando Tech Works, LLC
By using this site you agree to its Terms and Conditions.
Contact Erik Rodriguez