Almost every computer user knows something about firewall security. Even if you don’t, you would at least know that firewall security is important to safeguard your computer against various threats. Firewall security ensures that there is a barrier between trusted and untrusted networks. Through firewall security, a user is able to block certain network traffic which he is not sure of. To be precise, firewall security ensures that your computer is not attacked or harmed in any way.
Working of Firewall Security
There are different types of firewall, like packet filtering firewall or deep packet inspection firewall. It does not matter which type we are talking about, the basic configuration of a firewall management program is always done in two ways :
1) Deny policy – The allowed networks are mentioned by the user and all other networks are denied.
2) Allow policy – The denied networks are mentioned by the user and all the other networks are accepted.
The deny policy approach is considered to be the best and safest approach towards safeguarding your computer against threats. But, this approach is complex and difficult to set up. Therefore, people usually use the allow policy approach.
Types of Firewall Security
1) Packet filtering firewall – This type of firewall security has some pre-defined rules. These rules are able to block traffic based on a number of different factors like IP address, IP protocol etc. However, in this type of security all traffic will be allowed. Therefore, you will also need to have an intrusion prevention program so that good traffic can be differentiated from bad traffic. This type of security can not distinguish between good and bad traffic on its own.
2) Stateful firewall – This works in a similar way to packet filtering firewall. However, this type of security is able to collect data about which connections have been successfully established and therefore, should be allowed. The basic problem is the same. This type of security is also unable to distinguish good traffic from bad traffic. As a result, you will need an intrusion prevention program.
3) Application aware firewall – This type of security has additional features and allows rules and signatures. Therefore, application aware firewall is very flexible. Most experts suggest that there are no serious drawbacks to this approach. Only some minor attacks may be overlooked because the program will not be able to understand real time situations.
4) Application proxy firewall – This type of firewall acts as an intermediary for certain programs. It notes all request to pass and validates them before giving permission. Eachproxy can handle just one protocol and therefore, implementation is rather difficult. However, no intrusion prevention program is required with this type of security. In order to block certain connection or protocols, an application proxy firewall should be able to understand all protocols completely.
5) Deep packet inspection firewall – This type of security is considered to be quite reliable. With deep packet inspection, the firewall usually examined data which is very deep. This can prevent layer attacks. This type of security is actually similar to an intrusion prevention program and provides the same benefits.
About the Author: Tom Mallet is an Australian freelance writer and journalist. He writes extensively in Australia, Canada, Europe, and the US. He’s published more than 500 articles about various topics including deep packet inspection.