Network Firewalls Information
Network firewalls protect computer networks against unauthorized use or attack. They permit or deny access to private network devices and applications, and represent an important part of an organization's overall security policy. Firewalls may be software applications, hardware devices (such as routers), or a combination of both. They include turnkey products that are relatively easy to install as well as complex, multi-layer installations that require the expertise of a certified network administrator.
How Firewalls Work
Firewalls use various techniques to validate domain names and IP addresses. Typically, they also filter packet headers to determine whether or not to allow individual data packets. These packet filters inspect the source address and the destination address, the transport-level protocol (e.g., TCP), and other packet characteristics.
Many network firewalls also use proxies, programs or applications that receive traffic destined for other computers. Unlike a packet filter, a proxy generates the connection to the remote machine and can determine if the connection is legitimate. In this way, proxy servers make network requests on behalf of workstation users.
Application firewalls like the one in the diagram below are also used for network security.
Types of Network Firewalls
Although packet filter firewalls and proxy firewalls are the most common types, some networks also use distributed or dynamic firewalls.
Distributed firewalls require network administrators to load a single network policy specification onto all networked machines. These firewalls are more time-consuming to install and configure, but can be combined with an intrusion detection system (IDS) that reacts to anomalous events.
Dynamic firewalls also modify their rules based on incoming traffic. Although they do more than stop traffic, dynamic firewalls may block legitimate websites after defending against attacks that are disguised to appear as if originating from these valid sites.
Other types of network firewalls require signatures or are designed to permit access to mobile or cellular users.
Specifications and Features
The Engineering360 SpecSearch database allows industrial buyers to search for network firewalls based on parameters such as the number of ports, data rate, and number of concurrent connections. Often, these ports use an RJ-45, USB or other serial interface. With some network equipment, support for wireless communication and VoIP is available. Firewall product and performance specifications also cover the processor or CPU type, process speed, and the amount of RAM.
Features of firewalls include logging and reporting, automatic alarms at given thresholds of attack, and a graphical user interface (GUI) for configuring the firewall.
Resources
University of New Mexico - Network Firewalls (pdf)
Image Credits:
Moxa Inc. | Tech Republic