This is not a indepth article about firewalls
but simple basic stuff. In other words, what this article covers is not as in depth as certain degree programs that specialize in computer software and firewall are. I've concentrated on windows based
environment apart from the general case.
What is a firewall? :-
A firewall may be a standalone system,a software
application or a hardware device that blocks/permits traffic,prevents
unauthorized users or malicious traffic from accessing a network
or a system.It acts as a barrier or a membrane between two
or more networks.
The primary job of a firewall is to secure the inside network
from the outside[it can be another network or more often the
internet].Depending upon the policies or access control lists
configured in the firewall,it can monitor inbound/outbound
traffic & plus more.
Do I need a firewall? :-
Thats the question you should be asking yourself.With anyone
who had been using a firewall with logging capabilities knows
the amount of port scans you get on a day to day basis.Thus
there is a need to block inbound traffic.The general tendency
among home users with a single host or a small network is
to use a software firewall on each host.One thing to consider
here is if you are well versed with what goes at the OS level
then you certainly dont need a separate freeware/commercial
firewall,the windows firewall very well does the job for you.Oh
yes I know it monitors inbound connections & not outbound
but the fact remains if you have a knowledge of program control
at the hosting server then why do you need a separate firewall other
than the windows firewall? After all its your computer/s,you
should be knowing what is running & accessing the internet.
One program that I would like to strongly suggest is Fport.It
shows you the mappings of the ports & IP addresses to
their respective applications which are accessing the internet.
If you are getting paranoid then you are better off with
a separate application based firewall.As most software firewalls
ask for permission when a program is trying to access the
internet.Where as if you only have a router acting as a firewall
then it cant do much if malicious programs try to access the
internet.For example if you already have a trojan in your
system then it wont block or notify you of the happenings
since its designed to consider everything that goes out of
the system as legit.It does a very good job of blocking inbound
There are different types of firewalls which serve nearly
same purpose but for different audiences.The two most common
Network level firewalls:These are standalone
boxes & are much more sophiticated with loads of features.To
mention a few,SPI[Stateful Packet Inspection],Deep Packet
Inspection,Logging Capabilities etc.They usually run on
proprietary Operating system such as the Cisco series,they
run on the Cisco IOS[Internetwork Operating System.
Application level firewalls:Software
firewalls,application level proxies come under this category.Apart
from the regular huff & puff they offer a few nifty
features such as content filtering,blocking unwanted hosts.
Proper Implementation :
Just placing the firewall without making full use of it doesnt
serve its purpose very well.Deciding on what rules need to
set for a single host or a network of computers,proper screening
of the inbound/outbound policies is needed.Blocking all traffic
through the firewall & then allowing traffic which is
required as per the policies is considered to be a best practice.This
implies for a application level firewall too.
Software V Hardware Firewall :
A software firewall has to be installed on each host on the
network & if the number of hosts are more then it becomes
a cumbersome job.Also the amount of configuration needed for
each hosts firewall setting is a pain in the neck.Even having
a proxy server software installed to be a gateway has much
to do,for example having a policy such as tunneling HTTP traffic
through the proxy demands the network administrator to configure
each clients browser settings.
A hardware firewall acts as a gateway to all the computers
inside the LAN.Configuring & making changes applies to
the gateway only.For example say the policy is to block all
inbound connections to port 21,simply blocking port 21 at
the firewall gateway will block all inbound traffic that is
directed to the ftp port 21 inside the LAN.
Which firewall to choose from will depend on the network
& the amount of resources you got.
But for a small SOHO network may I suggest some freebie Linux
distros which will do the job of a firewall in a jiffy.But
you will need a separate machine for that purpose,even a old
386/486 machine gathering dust will do.
The above are based on the GNU/Linux operating system &
offer nifty feaures such as content filtering,web proxy,packet
filtering.Much more than what a SOHO setup asks for.All the
three have detailed documentation at their respective sites
& also community forums for support & extra addons.They
lack certain features like VPN which are only found in high
class or commercial firewalls.
Although they cant be compared with the options available
in the market but they offer valuable security to a single
host or a small network.
Does having a firewall make me secure?
The answer is "no".Apart from having a well configured
firewall the hosts in a network also need a equivalent &
frequently updated anti-virus.Some NAT routers based firewalls
also provide anti-virus scanning capabilities but that is
like expecting too much of them.A standalone anti-virus application
is designed for a single purpose only.Apart from the above
it also takes some common sense on the part of the user to
make use of the available resources in a proper manner keeping
in mind the security aspect of the host/network.
Before I say good bye I will quote Duane Arnold: "The
protection of the machine is a process and not a given".
Computer Associates Firewall
provide Industrial Strength Personal Firewall. They are Industry's #1 supplier of eBusiness security solutions. The CA security solutions secure a vast range of platform types, ranging from hand held computing devices, through desktops and servers, all the way up to IBM mainframe systems.
BitDefender Internet Security 2008 integrates antivirus, antispyware, firewall and antispam into one comprehensive security package.
It is One of the most famous security solution around there.
Kaspersky Lab is one of the world's top anti-virus companies. Kaspersky Labs also provides Firewall solution for Small and Medium Businesses.