Firewall
A firewall is a security system that examines and restricts network traffic on a computer network based on pre-defined or dynamic rules and policies.
In the IT world, a firewall is an analogy for a software or hardware device that filters incoming and outgoing communications between a trusted and an untrusted network (usually the internet).
A firewall protects the devices connected behind it from various types of attacks, including those that allow an attacker to take control of the device. In a simplified way, we can imagine the function of the guards at the entrance to the fortress, who, according to the orders, decide who is allowed in and out.
Types of firewall
In general, we distinguish between two types of firewalls. The so-called network is usually a hardware solution and is the first filter of incoming communication. A personal firewall runs directly on end stations, usually as part of a security solution. Digital Equipment Corporation (DEC) developed the first commercial firewall in the late eighties. Technology has gained importance with the massive expansion of the internet and the rapid development of new digital threats.
How does it work?
Various types of firewalls have appeared historically, gradually evolving in response to emerging threats. The first generation of firewalls filtered so-called packets (blocks of data transmitted over a computer network). It compared their basic information, such as source, destination, used ports and protocols, with a pre-defined list of rules.
The second generation firewall added connection state technology, which can distinguish whether a packet initiated the communication, is part of it or does not participate in the given communication.
The third generation added the ability to filter information across the layers of the ISO/OSI reference model (physical, line, network, transport, etc.), including the application layer. This allows the firewall to recognize applications and frequently used protocols such as FTP and HTTP. Thanks to this, it can detect attacks that try to bypass the firewall with the help of allowed ports or by exploiting a legitimate protocol.
Modern firewalls
We refer to the latest generation of firewalls as "nextgen." They combine all the previous methods and check the filtered content more in-depth. Modern firewalls usually include other security systems such as VPN, IPS/IDS, application control and web content filtering.
What are the benefits?
Installing a firewall will increase the overall security of the IT infrastructure of a company or household. If the firewall is set up well, it is a single point of entry through which all traffic must pass. The firewall then protects all devices from harmful incoming communication.
However, it can also block harmful or unwanted outbound communication caused by malware activity. For example, when an infected computer tries to connect to a botnet network or to a control server under the control of the attacker.
