Firewall Definition and Working
The role of fire wall is to enforce a security policy between the secure internal networks and the internet. A firewall is implemented in a computer or a router and its role is to control external access to internal information and services.
Organizations employ firewalls for one or more of the following reasons:
- Preventing intruders, hackers to access the organization’s internal network and its daily operations.
- Preventing intruders from modifying or deleting the stored information.
- Preventing the intruders from attaining confidential and secret information of the organization.
In general the basic firewall contains a packet filter. In addition, advanced firewalls contain the combinations of some application gateways and packet filters.
Packet Filtering in Firewall
Any business organization in general has a router which connects to its internal network and to its internet service provider i.e. public internet. The entry and passing out of all traffic will be done through router. In general, all the manufacturers of the routers offer inbuilt filtering options in their product. By these filtering options, the router behaves like a filter when all options are turned on and keep configured. A filter allows some data-grams enter through the router and send out other data-grams. The decisions of filtering are normally based on the following points:
- The incoming IP address of the data that where it is coming from
- The destination IP address
- TCP of UDP source and destination port
- ICMP message type
- Initializing connection data-grams using the ACK bits or TCP SYN
All packet filters are followed by tables that are configured by the administrator in the router. The tables list contain destinations and sources which are to be acceptable, destinations and sources which are to be blocked and default rules about what to do with packets coming from or going to other machines.
The second half of the firewall mechanism is the application gateway. Instead of just looking at raw packets, the gateway operates at the application level. For example mail gateway can be setup to scrutinize every message coming out or going in. For each and every decision it makes to discard or transmit the data depending on message size, header fields, or even the content.