Tech Talk - What are Firewalls?

Firewall

A firewall is a network security system that can monitor and control incoming and outgoing network traffic based on predetermined security rules.  Based on these rules, it decides whether to allow or block specific traffic and as such, provides a valuable, controllable security barrier between inside network devices and potential threats from outside (the Internet).

Hardware firewalls protect the machines on a network and software firewalls protect the individual machines that they are installed upon.

How Do Firewalls Work and What Types Are There?

Firewalls use their set of configurable rules to decide which traffic is allowed through and which traffic must be blocked. The firewall is generally able to do this by scanning packets of data (e.g. for known malicious code or attack vectors which are regarded as threats according to the rules). The main ways in which firewalls work include:

• Packet filtering.  This involves using certain identified threats as filters for incoming data. The small ‘packets’ (from packet switching) that make up data being sent digitally across the Internet are scanned and are either allowed to enter the network or are blocked depending on whether they are within or outside of the configured firewall rules.
• Proxy service/proxy server firewalls. These firewalls are intermediary (application level) servers that separate end-user clients from the destinations that they browse. They create a mirror version of the computer behind the firewall but prevent direct connections between the customer device and incoming data packets. As well as being used as firewalls, proxy servers also work as web filters, provide shared network connections, and cache data to speed up common requests. Proxy service firewalls are very secure.
• Stateful inspection/dynamic packet filtering. Often found on non-commercial and business networks, a stateful firewall (using stateful inspection) works by individually tracking sessions of network connections traversing it (i.e. it monitors the full ‘state ‘of active network connections). This method of firewall filtering therefore relies upon looking at the whole context of the traffic and data packets trying to access the network, rather than just looking at discrete traffic and data packets in isolation.

Benefits and Disadvantages of Firewalls

The benefits of having firewalls in place include:

• Protecting business continuity and protecting the business from threats that could cause damage, disruption, and lead to fines (data protection), loss of customers, reputational damage and more.  For example, firewalls monitor traffic, filter out malware and trojans and, prevent hacking attempts, and maintain privacy as well as security.
• Although firewalls are generally for the good of the business, some of the disadvantages include some firewall rules being so strict that they can restrict the legitimate work of employees, thereby affecting productivity, firewall maintenance for large organisations can be complex (unless handled by the MSP), some firewall costs can be high, and some malware attacks (e.g. through phishing) can get past firewalls.

What Does This Mean For Your Business?

Firewalls are a long-established (and now a relatively standard) element of cyber-defences that still provide a vital protective function. The fact that they can be applied to different parts of the IT system and infrastructure and can be configured with different rules and different levels as required and left to operate on their own gives them flexibility but at the same time, they provide businesses with a level of confidence that networks are being monitored automatically. Firewalls, however, are just one (important) tool in the overall defence of business networks and devices.  Today’s cybercriminals are finding ever-more inventive ways to breach defences and exploit human errors and social engineering opportunities, so businesses need to employ a large number of different security (and privacy) tools and strategies to ensure that they are protected day-to-day.

For Northamptonshire IT support, Network or Cyber Security advice, please call your local MSP, Paradise Computing, on 01604 655900 or send us a message using our online contact form.