What is Firewalls in information security?

A firewall can be represented as a specific type of network security device or a software program that monitors and filters incoming and outgoing network traffic based on a represented group of security rules. It facilitates as a barrier between inside private networks and outside sources (such as the public Internet).

The objective of a firewall is to enable non-threatening traffic and avoid malicious or unwanted data traffic for securing the computer from viruses and attacks. A firewall is a cybersecurity tool that filters network traffic and supports users block malicious software from accessing the web in infected computers.

Firewalls can be executed in both hardware and software. Firewalls are generally used to avoid unauthorized Internet users from accessing private networks connected to the Internet, such as intranets. All messages accessing or leaving the intranet move through the firewall, which determines each message and blocks those that do not meet the defined security element.

A firewall is simply a program or hardware device that filters the data appearing through the Internet connection into the private network or computer system. If an incoming packet of data is flagged by the filters, it is not enabled through.

Furthermore, the company will have one or more connections to the Internet through such as T1 or T3 lines. Without a firewall in place, some hundreds of computers are directly applicable to anyone on the Internet. A person who understand what it is doing can probe those computers, try to create FTP connections to them, try to create telnet connections to them etc. If one employee makes a mistake and leaves a security hole, hackers can receive to the device and exploit the hole.

A company can install rules like this for FTP servers, Web servers, Telnet servers etc. Moreover, the company can control how employees connect to Websites, whether files are enabled to leave the company over the network etc. A firewall provides a company tremendous control over how person use the network.

Firewalls use multiple methods to control traffic flowing in and out of the network which are as follows −

  • Packet filtering − Packets (small chunks of data) are analyzed against a group of filters. Packets that create it through the filters are sent to the requesting system and some discarded.

  • Proxy service − Information from the Internet is fetched by the firewall and then sent to the requesting system, etc.

  • Stateful inspection − A current approach that doesn’t determine the contents of each packet but instead compares specific key element of the packet to a database of trusted information.