What is a Firewall?

What is a Firewall?It's easy to get lost in the computer jargon that surrounds network computing and internet connectivity. When wading through the jungle of technical nomenclature, it's not uncommon to hear the word 'firewall' thrown in as an add-on to certain anti-virus software, or indeed as a handy feature of your own Windows operating system. But what exactly is a firewall, what is it there to protect against, and how does it help you in your daily computing tasks? This article is here to answer these questions, and will provide all the information you need to get up to speed with computer firewalls and how they keep you safe online.

What is a Firewall?

A firewall is a technological or hardware-based barrier system designed to provide an interface between your trusted computer network, and an untrusted network such as the Internet. This is made possible by a system of exception-based rules, which allow trusted apps and programs access to the Internet, and block unwanted or malicious software from gaining access. In large networks, firewalls may not be installed directly on each individual computer, but rather on a 'gateway' computer through which other computers can connect to the network. This gateway system ensures that any malicious attempts at breaching the firewall and accessing a user's information are confined to the information on the gateway computer itself.

Why is a firewall necessary?

If the virtual ports which are used by your computer to access the internet are left unguarded, your computer will be instantly left vulnerable to attacks by cyber-criminals. If these malicious users are left with free access to your computer, they have the potential to install unwanted software, such as trojans or adware, or even to directly access personal information about you or your computer itself. The firewall also works in the reverse direction, and is able to detect any attempts to access the internet made by malicious software installed by legitimate users accidentally. This is, therefore, an invaluable tool when dealing with inexperienced users who may mistakenly install unwanted software, or users who deal frequently with the peer-to-peer (P2P) network, which is well-known for hosting malicious software disguised as genuine files. A firewall is, therefore, necessary to protect you and other users against malicious attempts to access your computer as a result of both mistakenly installed software, and attacks on your computer form users elsewhere on the Internet.

Types of firewall

At the most basic level, a firewall can be described as a 'packet filter'. Indeed, the first generation of firewalls engaged only in this packet filtering activity, which consists of reading the information in each 'packet' of data passing through the virtual ports, and making a decision on whether each particular packet would be permitted to pass through the firewall. Packets can then be individually 'dropped', which results in silent discard of the data, or 'rejected', resulting in an error message being returned. The second generation of firewalls are known as 'stateful firewalls', and work by assessing whether each packet of data is designed to open a new connection, is part of an existing connection, or is being transmitted without an affiliation to any connection, in addition to sensing the contents of the packets themselves. Some of the denial-of-service attacks currently abundant in the media headlines are carried out by launching huge numbers of fake packets towards the firewall of a target with the aim to fill the connection memory of the firewall system. This results in an inability of new connections to be formed with the target, and thus 'denial-of-service' to genuine users wishing to connect. The third generation of firewall is termed an 'application layer firewall', and is even more sophisticated than the previous generations as it is able to detect and interpret the use of different information transfer protocols, such as the File Transfer Protocol (FTP), or the HyperText Transfer Protocol (HTTP) within each virtual port. This functionality enables an even greater level of protection by guarding against the hijack of legitimate ports by malicious programs.

The guide above is designed to provide an introduction to the world of firewalls, but by no means provides an exhaustive description of the types of firewalls used, or the situations in which a firewall is necessary. In recent years, the programming behind firewalls has become ever more sophisticated and complex as attempts to breach the firewalls surrounding huge companies and domestic users alike have become more desperate. There is little point in trying to breach a firewall at its current level of sophistication, and so hackers are concentrating on bombarding the firewalls with unsuccessful attacks in order to overload servers. The material in this guide will provide you will all the information you need to understand the denial-of-service attacks presented in the media, and to better understand the protection required to keep your family or employees safe from cyber-attack.