Published: 17/01/2022

Network Firewall

What is a network firewall?

A network firewall is a system that is designed to thwart unauthorized access to or from a private network. Firewalls are very common on networks where security is critical, such as banks and corporate offices.

How it works

Network firewalls check data packets that are transmitted to and from a local area network (LAN), looking for signs of malicious activity. A firewall will block any suspicious traffic, while allowing authorized communication without interruption. Most firewalls can log activity, so administrators can see exactly what is happening on their network.

Types of firewalls

There are two main types of network firewalls: packet-filtering firewalls and proxy-based or circuit-level gateways.

Packet-filtering firewalls

Packet-filtering firewalls are the most common type of firewall. They look at data packets as they pass through the firewall on the way into and out of a network. These firewalls can be configured to allow or block traffic based on source and destination IP addresses, source and destination port numbers, protocol type (TCP vs UDP), and other fields contained in each packet.
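The rule matching described above can be sketched as a first-match packet filter with a default-deny fallback. This is an added example, not code from the original article; the LAN range, server addresses and rule set are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str  # "tcp" or "udp"
    sport: int
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "block"
    proto: Optional[str] = None     # None matches any protocol
    src_net: str = "0.0.0.0/0"
    dst_net: str = "0.0.0.0/0"
    dports: Optional[range] = None  # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (
            (self.proto is None or self.proto == p.proto)
            and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src_net)
            and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst_net)
            and (self.dports is None or p.dport in self.dports)
        )

# Constructed inbound policy for the internet-facing interface of LAN 10.0.0.0/24.
RULES = [
    # Internal source addresses must never arrive from outside (anti-spoofing).
    Rule("block", src_net="10.0.0.0/24"),
    Rule("allow", "tcp", dst_net="10.0.0.10/32", dports=range(443, 444)),
    Rule("allow", "udp", "203.0.113.0/24", "10.0.0.53/32", range(53, 54)),
]

def filter_packet(p: Packet, rules=RULES):
    """Return (action, index of matching rule); first match wins."""
    for i, rule in enumerate(rules):
        if rule.matches(p):
            return rule.action, i
    return "block", None  # default deny: nothing matched

if __name__ == "__main__":
    print(filter_packet(Packet("198.51.100.4", "10.0.0.10", "tcp", 40000, 443)))
    print(filter_packet(Packet("10.0.0.7", "10.0.0.10", "tcp", 40000, 443)))
```

Rule order matters: the anti-spoofing rule sits first, so a packet claiming an internal source is blocked even though a later rule would allow its destination port.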

Proxy-based firewalls and circuit-level gateways

Proxy-based and circuit-level gateways work at a lower level than packet-filtering firewalls. Instead of looking at the contents of each data packet, they look at communication streams as a whole. This allows networks to take advantage of their own internal caching mechanisms (when proxy servers are used) and perform more in-depth and accurate network analysis.

When configured to function as a proxy server, the firewall acts as an intermediary between your local network and the internet. The proxy server forwards data packets back and forth between them, performing tasks such as caching, authentication, decryption and/or inspection along the way. This type of configuration is typically used when there is a high volume of traffic on the network.

Circuit-level gateways work at the session layer and create an “electronic circuit” between two machines, essentially acting as a proxy for entire sessions instead of individual packets. This type of gateway doesn’t inspect the contents of each packet; it only looks at the source and destination addresses, as well as other information about the session.
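The session-level behaviour described above can be modelled as a small session table that validates the TCP handshake and then relays traffic for that session without reading it. This is an added example, not code from the original article; the LAN range, the policy that only internal hosts may open sessions, and the simplified teardown are assumptions.

```python
import ipaddress

INTERNAL = ipaddress.ip_network("10.0.0.0/24")  # constructed LAN range

class CircuitGateway:
    """Relays TCP sessions opened from the LAN; never reads payloads."""

    def __init__(self):
        self.sessions = {}  # (client, cport, server, sport) -> handshake state

    def _key(self, src, sport, dst, dport):
        # Both directions of one session map to the same key.
        if ipaddress.ip_address(src) in INTERNAL:
            return (src, sport, dst, dport), True   # outbound
        return (dst, dport, src, sport), False      # inbound

    def handle(self, src, sport, dst, dport, flags, payload=b""):
        key, outbound = self._key(src, sport, dst, dport)
        state = self.sessions.get(key)
        if state is None:
            # Only an internal host may open a circuit (assumed policy).
            if outbound and flags == "SYN":
                self.sessions[key] = "SYN_SENT"
                return "relay"
            return "drop"
        if "RST" in flags or "FIN" in flags:
            del self.sessions[key]  # simplified teardown: circuit closes at once
            return "relay"
        if state == "SYN_SENT":
            expected, nxt = (False, "SYN-ACK"), "SYN_RCVD"
        elif state == "SYN_RCVD":
            expected, nxt = (True, "ACK"), "ESTABLISHED"
        else:
            return "relay"  # established: payload is passed through uninspected
        if (outbound, flags) == expected:
            self.sessions[key] = nxt
            return "relay"
        return "drop"
```

The decision depends only on addresses, ports and handshake state; the `payload` argument is accepted but never examined, which is the trade-off the paragraph above describes.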

The benefits of using network firewalls

Network firewalls are designed to protect your network by blocking all unauthorized access to or from it. They also stop internal threats such as viruses, malware, spam, and Trojans. By installing a firewall on each of your business’s PCs, you can help ensure that no sensitive data is leaked or tampered with by cybercriminals.

Other benefits may include:

  • Protecting local area network (LAN) resources from external access
  • Providing the capability to block specific types of data (HTTP, FTP)
  • Blocking all sessions from unauthorized IP addresses
  • Monitoring and controlling bandwidth usage
  • Ensuring faster connection speeds for legitimate traffic only
  • Facilitating communication between LANs and WANs
  • Blocking connections from unsafe or unsecured locations
  • Allowing only the necessary traffic to pass through network firewalls, increasing speed
  • Reducing or eliminating downtime by stopping DoS attacks before they happen
  • Logging and monitoring activity on the network, helping to diagnose problems and prevent future attacks

Why you need one

Network firewalls are an inexpensive way to improve your network’s security. It is always better to be safe rather than sorry, especially since the cost of installing a firewall is nothing compared to dealing with the fallout from a cyber attack or data breach.

Network firewalls allow you to pinpoint the source of suspicious activity on your network, allowing you to cut it off at the root before any damage can be done. They also monitor traffic and keep a log of all activity on the network, allowing you to monitor your employees’ browsing habits or access patterns.

Network firewalls allow you to monitor and block illegitimate traffic, including spam emails. They can even help secure email attachments from viruses. By stopping unwanted content before it enters the network, they help conserve bandwidth as well as save money by reducing operating costs.

How to Choose a Network Firewall

Whether you have one computer at home or a business with several servers and thousands of users, there is a firewall solution out there for every size and scale of operation. Understanding what makes a good firewall will help ensure that you choose the right product for your needs. Here are some factors to consider:

  • Technology. Traditional hardware-based firewalls use a dedicated hardware device to manage and control network traffic. These types of firewalls typically offer higher levels of protection but are more expensive than their software counterparts. Hardware-based firewalls are best suited for organizations with complex networks or high levels of traffic.
  • Topology. The topology is the layout of your network infrastructure. Do you have one location? A central office with many branches? One large building or multiple smaller ones spread out over several locations? Topology plays an important role in not just choosing the right firewall product, but also configuring it properly once it’s up and running.
  • Price point. Network security doesn’t have to be expensive, especially since new firewall software can be more effective than hardware. Firewall software is also easier to install and configure, making the entire process a lot simpler for non-technical users.

Identifying attack methods

Firewalls help prevent attacks from outside sources by blocking incoming traffic that may be harmful. Here are some of the most common attack methods used by cybercriminals:

  • Spoofing an IP address. Hackers frequently spoof known addresses of reputable websites to steal login information or confidential data without being detected. This allows them to bypass all security measures put into place on a network or website with ease, since they appear as a legitimate user.
  • Port Scanning. Hackers scan your network for open ports using port scanning tools designed specifically for this purpose. Once they’ve found a vulnerable port, they attempt to exploit a vulnerability in the software responsible for the port.
  • Man-in-the-Middle Attacks. In man-in-the-middle attacks, cybercriminals monitor data exchanged between two nodes and divert an authorized connection into a malicious one that allows them access to any information you send or receive without your knowledge. Man-in-the-middle attacks are most often used on wireless networks, since most traffic is unencrypted and can be easily intercepted.
  • Denial of Service (DoS) Attack. A DoS attack attempts to overload a network with so much traffic that it becomes inaccessible. Hackers typically target internet routers or servers in order to gain unauthorized access to data or disrupt service. DoS attacks are typically used for extortion purposes, but they can also be launched as part of a Distributed Denial of Service (DDoS) attack to increase their effectiveness.
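Because firewalls log the traffic they block, the port scanning described in the list above can be detected from those logs by counting how many distinct targets one source was blocked on within a short window. This is an added example, not code from the original article; the log format, sample lines and thresholds are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed log format for this example (not any product's real format):
#   <ISO timestamp> <ALLOW|BLOCK> <TCP|UDP> <src>:<sport> -> <dst>:<dport>
LINE = re.compile(
    r"(?P<ts>\S+) (?P<action>ALLOW|BLOCK) (?P<proto>TCP|UDP) "
    r"(?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)

SAMPLE_LOG = [  # constructed sample lines
    "2022-01-17T10:00:01 BLOCK TCP 198.51.100.23:51000 -> 10.0.0.10:21",
    "2022-01-17T10:00:01 BLOCK TCP 198.51.100.23:51001 -> 10.0.0.10:22",
    "2022-01-17T10:00:02 ALLOW TCP 203.0.113.5:40000 -> 10.0.0.10:443",
    "2022-01-17T10:00:02 BLOCK TCP 198.51.100.23:51002 -> 10.0.0.10:23",
    "2022-01-17T10:00:03 BLOCK TCP 203.0.113.5:40001 -> 10.0.0.10:8080",
    "2022-01-17T10:00:03 BLOCK TCP 198.51.100.23:51003 -> 10.0.0.10:25",
    "2022-01-17T10:00:04 BLOCK TCP 203.0.113.5:40002 -> 10.0.0.10:8080",
    "2022-01-17T10:00:05 BLOCK TCP 198.51.100.23:51004 -> 10.0.0.10:3389",
]

def detect_scans(lines, window_s=60, threshold=5):
    """Map each source that was blocked on >= threshold distinct
    (destination, port) targets within window_s seconds to its alert time."""
    recent = defaultdict(list)  # src -> [(time, dst, dport)] of blocked packets
    alerts = {}
    for line in lines:
        m = LINE.match(line.strip())
        if not m or m["action"] != "BLOCK":
            continue
        now = datetime.fromisoformat(m["ts"])
        events = recent[m["src"]]
        events.append((now, m["dst"], int(m["dport"])))
        # Keep only events inside the sliding window.
        events[:] = [e for e in events if (now - e[0]).total_seconds() <= window_s]
        targets = {(dst, port) for _, dst, port in events}
        if len(targets) >= threshold:
            alerts.setdefault(m["src"], m["ts"])  # record first alert only
    return alerts

if __name__ == "__main__":
    print(detect_scans(SAMPLE_LOG))
```

Counting distinct targets rather than raw blocked packets keeps a client that retries one closed port (203.0.113.5 in the sample) from raising an alert.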

Frequently asked questions about network firewalls

Can a firewall detect or stop all security breaches?

A firewall is not a complete security solution by itself, but it adds an important layer of protection. Administrators must monitor and maintain firewalls to ensure they are working properly, as the system only works as well as its weakest link. However, network data from a firewall can be combined with other forms of security, such as authentication and access control systems, to create a comprehensive security plan.

How do you access a LAN if there’s no firewall?

If there is no firewall between your local area network and the internet, anyone can access files and information on that network. Hackers often scan the web for unprotected networks to gain access and steal confidential data or plant malware. By using a VPN communication tunnel combined with SSL encryption, you can establish a secure connection across an unsecured network without compromising your network’s security.

What is the difference between a firewall and NAT?

A firewall is used to protect your computer from unwanted traffic. Network Address Translation (NAT) hides internal IP addresses, keeping them private and safely unknown to the outside world.

How much does a firewall cost?

The price of a network firewall depends on several different factors and can range anywhere from $50 to more than $30,000 per device. Factors that influence costs include hardware requirements such as processing power and memory, connectivity options such as type of internet connection used for management purposes or by end-users, number of users requiring access, data throughput speeds required by the organization, physical environment, such as the amount of cable needed to connect devices, and amount of space required for hardware installation.

What is the most common network firewall?

The most common network firewall for home and small business users is software-based. These are free or low-cost programs which offer protection against various forms of attack. For larger enterprises, there are hardware firewalls, which typically provide more features than their software counterparts with additional security capabilities, performance requirements, and costs.
