
Firewalls

Today, no discussion of information security is complete unless firewalls are mentioned.

Why is this so?

The internet has been described as a marvellous technological advance that provides access to information, and the ability to publish information, in revolutionary ways. On the other hand, it is also a major danger that provides the ability to pollute and destroy valuable information, also in revolutionary ways.

Like the discovery of electricity, the internet is today one of the most amazing technical achievements of the information revolution era.

What is a firewall?

A firewall can be defined as a component or set of components that restricts access between a protected network (your computer) and the internet, or between other sets of networks.

It is a multi-homed host (that is, a general purpose computer that has more than two network interfaces, or homes) which is placed in the internet route so that it stops each packet that wants to get through and can make a decision about it.

In summary, it is a component or set of components put in place to keep the bad guys away. If it succeeds in keeping the bad guys out while still letting you happily use your network, it is a really good firewall.

Types of Firewalls

Since the first computer components tagged firewalls appeared, there have been many improvements in the field. Hence, there are five major types. They are:

i) Packet Filtering

ii) Application-Level Gateways

iii) Circuit Level Gateways

iv) Proxy Server

v) Hybrid version

1) Packet Filtering

A packet filtering firewall is perhaps the most common type and the easiest to employ for small, uncomplicated sites. It examines every packet and allows or drops it according to the source or destination address or port. To do this effectively, the owner of the system or an appointed system administrator has to define the rules or policy of what should be allowed and what should not be allowed. Where there is more than one rule, packet filtering works by checking from top to bottom, which means that rule number 1 is applied first, followed by rule 2, and so on.

Advantage

Simple packet filtering is easy to implement and is regarded as an effective system if properly configured.

Disadvantages

i) As a packet filtering router, it suffers from having little or no logging capability.

ii) Packet filtering routers are also difficult to test thoroughly, and this may give an erroneous impression of safety when in actual fact the site might be open to unidentified vulnerabilities.
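The top-to-bottom rule checking described above, and why such rule sets are hard to test, can be seen in a small model. This is an added example, not code from the original page; the `Rule` fields, the helper names and the sample rule set are assumptions made for illustration, and the addresses are documentation ranges.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "drop"
    src: str              # source network, CIDR notation
    dst: str              # destination network, CIDR notation
    dport: Optional[int]  # destination port; None matches any port

def _net(cidr):
    return ipaddress.ip_network(cidr)

def matches(rule, src_ip, dst_ip, dport):
    return (ipaddress.ip_address(src_ip) in _net(rule.src)
            and ipaddress.ip_address(dst_ip) in _net(rule.dst)
            and rule.dport in (None, dport))

def decide(rules, src_ip, dst_ip, dport):
    """Apply rules top to bottom; the first match wins. Rule 0 means default drop."""
    for number, rule in enumerate(rules, start=1):
        if matches(rule, src_ip, dst_ip, dport):
            return rule.action, number
    return "drop", 0

def shadowed(rules):
    """Numbers of rules that can never fire because an earlier rule covers them."""
    hidden = []
    for j, later in enumerate(rules):
        for earlier in rules[:j]:
            if (_net(later.src).subnet_of(_net(earlier.src))
                    and _net(later.dst).subnet_of(_net(earlier.dst))
                    and earlier.dport in (None, later.dport)):
                hidden.append(j + 1)
                break
    return hidden

# Constructed rule set (documentation address ranges). Rule 3 is meant to
# block one host from SSH but sits below the broader allow in rule 2.
RULES = [
    Rule("allow", "0.0.0.0/0", "192.0.2.10/32", 80),
    Rule("allow", "198.51.100.0/24", "192.0.2.0/24", 22),
    Rule("drop", "198.51.100.7/32", "192.0.2.0/24", 22),
    Rule("drop", "0.0.0.0/0", "0.0.0.0/0", None),
]
```

Running `shadowed(RULES)` before deploying a rule set flags rule 3 as unreachable; moving it above rule 2 makes the intended block take effect.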

2) Application-Level Gateways

An application-level gateway is more intelligent, but also more complex, than a packet filtering router. It tries to enforce the “connection integrity” of the firewall. It does this by making sure that all data passed through the network to a computer port is of the protocol designated for that port. This prevents the type of attack where the wrong protocol is sent to a particular port. These characteristics make it more of an enterprise firewall than one for a home computer.

In addition to the above, an application-level gateway also has the ability to check every packet that passes through it into the network.

3) Circuit Level Gateways

A circuit-level gateway operates at the transport level of the protocol stack. It operates by creating a virtual circuit between the local network and remote networks. It relays data back and forth until the connection is terminated. Unlike the Application-Level Gateways, it does not inspect the packets before they are relayed, hence the audit is minimal. Also, no application specific controls are in place.
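The difference between the two gateway types described above (an application-level gateway checks that data matches the protocol designated for the port, while a circuit-level gateway relays without inspecting) is shown side by side below. This is an added example, not code from the original page; the `DESIGNATED` table, the function names and the sample payloads are constructed for illustration, and recognising a protocol by the first line the client sends is a simplifying assumption.

```python
import re

# Constructed policy: the protocol designated for each permitted port,
# recognised here by the first line the client sends.
DESIGNATED = {
    80: ("HTTP", re.compile(rb"^(GET|HEAD|POST|PUT|DELETE|OPTIONS) \S+ HTTP/1\.[01]$")),
    25: ("SMTP", re.compile(rb"^(HELO|EHLO) \S+$")),
}

def circuit_level(port, payload):
    """Relay anything on a permitted port; the audit record has no content detail."""
    if port not in DESIGNATED:
        return {"verdict": "drop", "audit": f"port {port} not permitted"}
    return {"verdict": "relay", "audit": f"port {port}, {len(payload)} bytes"}

def application_level(port, payload):
    """Relay only if the payload speaks the protocol designated for the port."""
    if port not in DESIGNATED:
        return {"verdict": "drop", "audit": f"port {port} not permitted"}
    name, pattern = DESIGNATED[port]
    first = payload.split(b"\r\n", 1)[0]
    if not pattern.match(first):
        return {"verdict": "drop", "audit": f"port {port}: not {name}"}
    detail = first.decode("ascii", "backslashreplace")
    return {"verdict": "relay", "audit": f"port {port}: {name} {detail}"}

# Constructed sample traffic: a normal web request, and a different
# protocol's greeting arriving on the web port.
HTTP_OK = b"GET /index.html HTTP/1.1\r\nHost: www.example.test\r\n\r\n"
SSH_ON_80 = b"SSH-2.0-client\r\n"
```

The same mismatched payload is relayed by `circuit_level` with only a byte count in the audit record, while `application_level` drops it and records why.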

4) Proxy Server

A proxy server, as the name implies, operates by intercepting all messages into and out of the network and then passing each message to the appropriate server or service in the internal network. The major advantage of this system is that it shields the internal computers from the outside world, as it is the only one that is visible to the outside world.

5) Hybrid System

In practice, most of the available systems make use of two or more of these practices described above. The rationale behind it is to make use of the advantages of one or more of the techniques while minimising any known weaknesses of the techniques. Another factor that guides the types of firewall components to be combined together for effective performance is the security policy of the organisation.

Primary Components of a typical Firewall System

1) Network policy – whether written (for corporate organisations) or unwritten (in case of individual personal computer). The policy influences the design and use of a firewall system.

2) Advanced authentication – this recommends the use of smart cards, tokens, and biometrics.

3) Packet filtering – the use of a router to filter TCP/IP traffic.

4) Logging and detection – this helps to identify any suspicious activities.

5) Application gateways – this provides a higher level of security.

Features of a good security system

i) It must support the organisation’s security policy.

ii) It must be able to support the type of services that would meet the needs of the organisation. To support the organisation's services, there are other factors that must be present; see evaluating firewall products.

iii) It must be flexible enough to allow for the changing needs and services of the organisation.

iv) It must be able to log traffic and any suspicious activity. For more information on factors to consider when designing or buying one, go to firewalls design.

How it operates

It is a chokepoint through which all traffic into the network must pass before you can gain access to any information on the home database. In view of this, it can help the individual or organisation to:

i) implement a security policy that will help guarantee the safety of the information asset.

ii) log every activity on the system, which could help in investigating any strange activity with a view to correcting it.
