Firewall configuration - methods of firewall configuration

Articles

Sponsor links

What is firewall - Firewall Configuration - Methods of firewall configuration

A hardware or software that is placed at the outskirts of a network to serve as a gate keeper to all traffic, whether incoming or outgoing is called a firewall. It is the first step towards guarding your network. It ensures that uninvited guests cannot access one’s network. Firewall not only avoids security breach but it also prevents data corruption which occurs due to visiting harmful web pages. It also filters messages in intranets. By the help of a firewall, you can determine rules for which type of traffic can come in and go out of your private network. Firewall enables you to

To block some TCP/IP ports to restrict a specific type of traffic; and
Restrict access to limited domain names and IP addresses by using certain types of firewall.

Before configuring a firewall, one must have basic knowledge about the standard security practices because they trigger a default deny rule. All steps that are a part of firewall configuration need proper attention from the administration because it offers threats to the day to day processes of the machine.

Methods of Firewall -

There are four methods used by firewall to control traffic: packet filtering, circuit level gateway, proxy server and application gateway. It is also possible that one device use more than one of these mechanisms in conjunction with each other to provide stronger security.

Packet Filter is used to cut off the traffic coming to and going from your network and assess it on the bases of provided principles. A packet filter can commonly intercept and evaluate the IP address of source and destination, source port and destination port. You can use this method to filter IP addresses and ports.
A Circuit Level Gateway is used to block the coming traffic to some host except itself; a connection with the circuit level gateway can be build up by using software run by clients. For the outsiders, it seems that communication from your side are created and governed by the circuit level gateway.
Proxy Server not only improves the performance of your network but also works as a kind of firewall. Proxy server hides the actual addresses and appears to originate communication itself. It accumulates the requested pages. Let suppose if someone requests for google.com then proxy server requests google.com and reclaims the web page when google.com is requested by some other user then instead of requesting the google.com once again, it automatically forwards retrieved information from the first user and thus decreases the response time. The server can be configured to block certain IP addresses and ports.

Application Gateway is a kind of proxy server. The in-house client produces connection with the application gateway. It is determined by the application gateway whether to establish a connection with the destination or not. Thus the traffic goes in two paths: from client to the application gateway and from application gateway to the destination. It also monitors all traffic whether it forwards it or not.

There are certain disadvantages associated with these methods. Application gateway is the most popular and successful gateway among others. Application gateway uses more resources such as memory processor power and can have slower speed. Packet filtering is comparatively faster but it can be dogged by IP spoofing – source port that let the firewall think that the traffic is allowed to go through the firewall. The security of packet filtering can be increased by stateful inspection packet filtering or state packet filtering is incorporated.

Build in firewall (simple packet filters) is present in many home routers. In case you are not acting as a server than you are able to block incoming traffic on all ports. In case you are publishing a web page from your personal computer than you are required to allow incoming traffic on Port 80 to get your computer. You must allow incoming connections on Port 21, if you want to download files from your computer from outside using FTP.

Besides build in firewalls, software are also available to run on systems. The software helps in monitoring incoming and outgoing traffic while keeping an eye on what services are trying to come in contact with what other services. Despite of all those firewalls which we can build, flaws are discovered on daily bases which enables hackers to break into the computer and destroy, steal or alter the available data. The best solution is to have a firewall that is capable of blocking all kinds of incoming traffic. Besides, keeping software patched and updates also proves helpful.