A firewall goes a bit further than just standing in for the local computers and hiding them from view on the global network, as a proxy server does. Firewalls are specifically designed to control inbound and outbound access, preventing unauthorized data from entering the network and restricting how and what type of data can be sent out.

The firewall gets its name from the building industry. In commercial structures, it is common to build a barrier wall made of fireproof material between two areas of a building. This wall is designed to prevent fire from spreading from one part of the building to the other. Another example is the heat barrier between the engine of an automobile and the passenger compartment, also called a firewall. Likewise, a network firewall acts as a barrier to prevent bad data whether that be virus code or simply messages to or from unauthorized systems from spreading from the outside network (usually the Internet) to the internal network. It also prevents packets of a particular type or to or from a particular user or computer from spreading from the LAN to the outside network.

In choosing between different firewall solutions, organizations encounter two basic firewall design options:

• A firewall can be designed to permit all packets to pass through unless they are expressly denied.

• A firewall can be designed to deny all packets unless they are expressly permitted.

Obviously, the second method is more secure, but it can result in the denial of access that...