How does a firewall control Internet traffic? know

A firewall is basically a computer network security system that restricts internet traffic inside or outside the boundaries of any network.

This system works by selectively blocking or allowing certain hardware or software data packets (traffic).

Its purpose is generally to help prevent malicious activity and prevent anyone inside or outside the private network from engaging in unauthorized web activities.

What is a firewall?

Firewalls can be thought of as gated borders or gateways that control activity in a private network.

The term firewall was used to refer to walls built to prevent the spread of fire.

Just as a wall helps prevent and extinguish a fire, network security firewalls are for web traffic management to reduce threats.

Firewalls create ‘choke points’ on web traffic, at which traffic is evaluated against a set of programmed parameters and acted upon.

Some firewalls are also capable of tracking traffic and connections in audit logs.

How does a firewall work?

A firewall decides which network traffic is allowed to pass and which traffic is dangerous.

Basically it works by filtering the content, or in other words separating the trustworthy content from the untrustworthy content.

The purpose of firewalls is to secure networks and the endpoint devices within them, known as network hosts.

Types of firewalls

Different types of firewalls include different filtering methods.

Firewall types are distinguished by the way they work, such as connection tracking, filtering rules, and audit logs.

Static (static) packet filtering firewall

Such a firewall is also called a stateless inspection firewall that operates at the OSI network layer (ie Layer 3).

It offers basic filtering by examining all individual data packets sent over the network, based on where that data is from and where it is trying to go.

The filtering done in it is based on IP address, ports and packet protocol, this firewall prevents at least 2 networks from directly connecting without permission.

This firewall can be used on small networks but is difficult to operate on large networks.

Also, this firewall fails to read the application protocol which means that the message content sent inside the packet cannot be read by this firewall.

Due to this weakness, this type of firewall is not considered very strong.

Circuit level gateway firewall

This firewall works at the session level (Layer 5).

These firewalls examine the functional packets in the connection and allow a permanent open connection between the two networks when it is working properly.

After this happens, the firewall stops monitoring the connection, which may later allow something malicious to enter unhindered.

Stateful Inspection Firewall

This firewall, also known as a dynamic packet filtering firewall, is unique in its ability to monitor ongoing connections as well as store and remember past connections.

It began by operating at the communication layer (Layer 4), but today such firewalls can monitor multiple layers, including application Layer 7.

Layer 7 means it can analyze and filter traffic based on specific applications, rather than just looking at the source of the message and the destination IP address and port.

This firewall updates the filtering rules based on the login history in the state table by the screening router.

Filtering decisions are often based on administrator rules when setting up computers and firewalls in general, but the state table allows these dynamic firewalls to make their own decisions.

For example, traffic types that caused problems in the past can be filtered out in the future.

Proxy firewall

Proxy firewalls, also known as application-level firewalls (Layer7), feature the ability to read and filter application protocols.

It combines application level inspection or ‘deep packet inspection (DPI)’ and stateful inspection.

Unlike other types of firewalls, it acts as a separate agent (or proxy) between external networks and internal computers.

A proxy firewall is like a real physical barrier, that is, it acts as a guard at the gate to watch and evaluate incoming data, allowing the data to pass through to the user if no problems are detected. is

The downside of this type of heavy security is that it sometimes interferes with incoming data that poses no threat, causing network disruptions.

Next Generation Firewall (NGFW)

Evolving threats demand new solutions and these firewalls stay on top by combining traditional firewall features with network intrusion prevention systems.

Hybrid firewall

As the name suggests, hybrid firewalls use two or more firewalls together in a private network.

Firewall example and key events

Real-world applications of firewalls in practice have attracted both praise and controversy.

Although firewalls have a long history of success, this type of security must be properly implemented to prevent exploitation.

Additionally, firewalls have been known to be used in ethically questionable ways.

China’s Great Firewall and Internet Censorship

Since 2000, China has built an internal firewall framework for the Internet in the country.

China’s firewall system allows its government to restrict Internet services to local companies, making it much easier to control things like search engines and email services.

US federal agency

In 2020, a misconfigured firewall security led to a cyber attack on the network of a US federal agency.

American Powerhouse

In 2019, a US power grid was affected by a Denial of Service (DoS) vulnerability that was exploited by hackers.

Firewalls on the perimeter network were stuck in a reboot loop for about ten hours, later determined to be the result of a vulnerability in the firewalls.

These incidents highlight the importance of regular software updates.

Without it, a firewall is a network security system whose vulnerability can be harmful.