Networking / Beginners

Firewall protection

The main function of a firewall is to centralize access control. A firewall serves as the gatekeeper between the untrusted Internet and the more trusted internal networks. If outsiders or remote users can access the internal networks without going through the firewall, its effectiveness is diluted. For example, if a traveling manager has a modem connected to his or her office PC that he or she can dial into while traveling (war driving), and that PC is also on the protected internal network, an attacker who can dial into that PC has circumvented the firewall.

Similarly, if a user has a dial-up Internet account with a commercial Internet Service Provider (ISP) and sometimes connects to the Internet from his or her office PC via modem, he or she is opening an unsecured connection to the Internet that circumvents the firewall. Firewalls provide several types of protection, including the following:

  1. They can block unwanted traffic.
  2. They can direct incoming traffic to more trustworthy internal systems.
  3. They hide vulnerable systems that can't easily be secured from the Internet.
  4. They can log traffic to and from the private network.
  5. They can hide information like system names, network topology, network device types, and internal user IDs from the Internet.
  6. They can provide more robust authentication than standard applications might be able to do.

Each of the preceding functions is described in greater detail next. As with any safeguard, there are trade-offs between convenience and security. Transparency is the visibility of the firewall to both inside users and outsiders going through a firewall. A firewall is transparent to users if they do not notice or stop at the firewall in order to access a network. Firewalls are typically configured to be transparent to internal network users (while going outside the firewall); on the other hand, firewalls are configured to be non-transparent for outside network users coming through the firewall. This generally provides the highest level of security without placing an undue burden on internal users.

[Contents] [Next]

In this tutorial:

  1. Firewall Security Policy
  2. Firewall protection
  3. Firewall architectures
  4. Multi-homed host
  5. Screened host
  6. Screened subnet
  7. Types of firewalls
  8. Packet-filtering gateways
  9. Application gateways
  10. Hybrid or complex gateways
  11. Routing versus forwarding
  12. IP spoofing
  13. DNS and mail resolution
  14. Intranet
  15. Network trust relationships
  16. Virtual private networks
  17. Qualification of the firewall administrator
  18. Remote firewall administration
  19. Firewall backup
  20. System integrity
  21. Physical firewall security
  22. Firewall incident handling
  23. Upgrading the firewall
  24. Revision/update of firewall policy
  25. Examples of service-specific policies