Top Articles:

What is firewall - Firewall Configuration - Methods of firewall configuration

advertisemet

Post by Jawad Ahmad Riaz

A hardware or software that is placed at the outskirts of a network to serve as a gate keeper to all traffic, whether incoming or outgoing is called a firewall. It is the first step towards guarding your network. It ensures that uninvited guests cannot access one’s network. Firewall not only avoids security breach but it also prevents data corruption which occurs due to visiting harmful web pages. It also filters messages in intranets. By the help of a firewall, you can determine rules for which type of traffic can come in and go out of your private network. Firewall enables you to

    • To block some TCP/IP ports to restrict a specific type of traffic; and

    • Restrict access to limited domain names and IP addresses by using certain types of firewall.

     


    Before configuring a firewall, one must have basic knowledge about the standard security practices because they trigger a default deny rule. All steps that are a part of firewall configuration need proper attention from the administration because it offers threats to the day to day processes of the machine.

    Methods of Firewall -

    There are four methods used by firewall to control traffic: packet filtering, circuit level gateway, proxy server and application gateway. It is also possible that one device use more than one of these mechanisms in conjunction with each other to provide stronger security.

     

     

      • Packet Filter is used to cut off the traffic coming to and going from your network and assess it on the bases of provided principles. A packet filter can commonly intercept and evaluate the IP address of source and destination, source port and destination port. You can use this method to filter IP addresses and ports.

      • A Circuit Level Gateway is used to block the coming traffic to some host except itself; a connection with the circuit level gateway can be build up by using software run by clients. For the outsiders, it seems that communication from your side are created and governed by the circuit level gateway.

      • Proxy Server not only improves the performance of your network but also works as a kind of firewall. Proxy server hides the actual addresses and appears to originate communication itself. It accumulates the requested pages. Let suppose if someone requests for google.com then proxy server requests google.com and reclaims the web page when google.com is requested by some other user then instead of requesting the google.com once again, it automatically forwards retrieved information from the first user and thus decreases the response time. The server can be configured to block certain IP addresses and ports.

      Application Gateway is a kind of proxy server. The in-house client produces connection with the application gateway. It is determined by the application gateway whether to establish a connection with the destination or not. Thus the traffic goes in two paths: from client to the application gateway and from application gateway to the destination. It also monitors all traffic whether it forwards it or not.


      There are certain disadvantages associated with these methods. Application gateway is the most popular and successful gateway among others. Application gateway uses more resources such as memory processor power and can have slower speed. Packet filtering is comparatively faster but it can be dogged by IP spoofing – source port that let the firewall think that the traffic is allowed to go through the firewall. The security of packet filtering can be increased by stateful inspection packet filtering or state packet filtering is incorporated.

      Build in firewall (simple packet filters) is present in many home routers. In case you are not acting as a server than you are able to block incoming traffic on all ports. In case you are publishing a web page from your personal computer than you are required to allow incoming traffic on Port 80 to get your computer. You must allow incoming connections on Port 21, if you want to download files from your computer from outside using FTP.

      Besides build in firewalls, software are also available to run on systems. The software helps in monitoring incoming and outgoing traffic while keeping an eye on what services are trying to come in contact with what other services. Despite of all those firewalls which we can build, flaws are discovered on daily bases which enables hackers to break into the computer and destroy, steal or alter the available data. The best solution is to have a firewall that is capable of blocking all kinds of incoming traffic. Besides, keeping software patched and updates also proves helpful.
      advertisemet


Interested in Advertising your products or website with us? Click Why Advertising with us ?


Related Articles
- Internet security systems

- Configurie juniper ssg firewalls

Useful & Related Links



Other Improtant topics

Computer Network Architechture :: Data recovery :: What is Data Mining & techniques :: Security issues of Computer :: Frame Relay :: How to create wireless groups :: How to design security policy for network :: How to Troubleshoot LAN :: How to Troubleshoot WLAN :: Infrared Network :: Introduction to Active Directory :: Network Management Software :: Network ports List :: Network Security Software :: Networking FAQ :: Online Security Threat :: Satellite Communication :: Submarine Communication Cable :: Telecommunication Networks :: WAN Technology :: What is Cryptography :: What is Optical Router :: Working Of Telnet :: Linux Server Adminstatrion :: Wireless Bridges set up techniques :: Digital Communication :: How to Configure Linksys wireless bridge :: How to setup wireless repeater :: Distributed Computing :: Hight Performance Computing :: Parallel computing :: Quantum Computing :: Super Computing :: Cloud Computing :: How to configure print server :: How video conferencing works :: Setting up TCP/IP network :: Recover lost hard drive data :: How to solve network performance problems :: 3GPP2 Multimedia Domain Architecture :: Network management model and architechture :: What is protocol analysis & Analyzer :: What is network address translator :: Internet network architecture :: Types of information technology :: What is DSL technology :: Dsl concept :: Dsl vs Cable internet :: Network simulator :: Next generation networks :: What is Switched mesh :: What is 127.0.0.1 :: How to change mac address :: How to flush dns :: EV-DO Rev. B Technology? :: What is network protocol :: What is ASIC :: Blu ray Technology :: Field Program Gate Array (FPGA) :: Computer networking with ethernet hub :: Intelligent networks :: Adsl problems and oppertunities :: Dsl components :: What is hub :: What is networking switch :: Hubs Vs Switches :: Frame relay networks

Browse All Categories