Sunday, May 10, 2009

FIREWALL

Basically, a firewall is a barrier to keep destructive forces away
from one's property. In fact, that's why it's called a firewall. Its job
is similar to a physical firewall that keeps a fire from spreading
from one area to the next.

A firewall is simply a program or hardware device that filters the
information coming through the Internet connection into a private
network or computer system. If an incoming packet of information
is flagged by the filters, it is not allowed through.

With a firewall in place, the landscape is much different. A
company will place a firewall at every connection to the Internet
(for example, at every T1 line coming into the company). The
firewall can implement security rules. For example, one of the security rules inside the company
might be:

Out of the 500 computers inside this company, only one of them is permitted to receive public
FTP traffic. Allow FTP connections only to that one computer and prevent them on all
others.

A company can set up rules like this for FTP servers, Web servers, Telnet servers and so on. In
addition, the company can control how employees connect to Web sites, whether files are
allowed to leave the company over the network and so on. A firewall gives a company
tremendous control over how people use the network.

Firewalls use one or more of three methods to control traffic flowing in and out of the network:
• Packet filtering - Packets (small chunks of data) are analyzed against a set of filters.
Packets that make it through the filters are sent to the requesting system and all others
are discarded.
• Proxy service - Information from the Internet is retrieved by the firewall and then sent
to the requesting system and vice versa.
• Stateful inspection - A newer method that doesn't examine the contents of each packet
but instead compares certain key parts of the packet to a database of trusted
information. Information traveling from inside the firewall to the outside is monitored
for specific defining characteristics, and then incoming information is compared to these
characteristics. If the comparison yields a reasonable match, the information is allowed
through. Otherwise it is discarded.
Making the Firewall Fit:
Firewalls are customizable. This means that the user can add or remove filters based on several
conditions. Some of these are:
• IP addresses - Each machine on the Internet is assigned a unique address called an IP
address. IP addresses are 32-bit numbers, normally expressed as four "octets" in a
"dotted decimal number." A typical IP address looks like this: 216.27.61.137. For
example, if a certain IP address outside the company is reading too many files from a
server, the firewall can block all traffic to or from that IP address.
• Domain names - Since it is hard to remember the string of numbers that make up an IP
address and because IP addresses sometimes need to change, all servers on the Internet
also have human-readable names, called domain names. For example, it is easier for
most users to remember www.howstuffworks.com than it is to remember 216.27.61.137.
A company might block all access to certain domain names, or allow access only to
specific domain names.
• Protocols - The protocol is the pre-defined way that someone who wants to use a
service talks with that service. The "someone" could be a person, but more often it is a
computer program like a Web browser. Protocols are often text, and simply describe
how the client and server will have their conversation. For example, the http at the start
of a Web address names the Web's protocol.
Some common protocols that you can set firewall filters for include:
o IP (Internet Protocol) - the main delivery system for information over the
Internet
o TCP (Transmission Control Protocol) - used to break apart and rebuild information
that travels over the Internet
o HTTP (Hypertext Transfer Protocol) - used for Web pages
o FTP (File Transfer Protocol) - used to download and upload files
o UDP (User Datagram Protocol) - used for information that requires no response,
such as streaming audio and video
o ICMP (Internet Control Message Protocol) - used by a router to exchange
information with other routers
o SMTP (Simple Mail Transfer Protocol) - used to send text-based information (email)
o SNMP (Simple Network Management Protocol) - used to collect system
information from a remote computer
o Telnet - used to perform commands on a remote computer
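The following is an added example, not code from the original post, showing how the FTP rule described earlier, the IP-address and protocol filters listed above, and the stateful inspection method fit together in one small packet filter. All addresses, ports and packets are constructed for illustration.

```python
# Added example (not from the original post): a minimal packet filter that
# combines an IP-address filter, a protocol/port rule and stateful inspection.
from dataclasses import dataclass

FTP_SERVER = "10.0.0.5"            # constructed: the one host allowed public FTP
BLOCKED_SOURCES = {"203.0.113.9"}  # constructed: outside address reading too many files

@dataclass(frozen=True)
class Packet:
    src: str              # source IP address
    dst: str              # destination IP address
    proto: str            # "tcp", "udp" or "icmp"
    dport: int            # destination port (0 for icmp)
    sport: int = 0        # source port (0 for icmp)
    inbound: bool = True  # True when arriving from the Internet

class Firewall:
    def __init__(self):
        # stateful table: connections the inside opened, keyed by
        # (remote ip, remote port, local ip, local port, protocol)
        self.established = set()

    def check(self, pkt: Packet) -> str:
        # 1. IP address filter: drop anything to or from a blocked address
        if pkt.src in BLOCKED_SOURCES or pkt.dst in BLOCKED_SOURCES:
            return "DROP"
        if not pkt.inbound:
            # record outbound traffic so matching replies are recognised
            self.established.add((pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto))
            return "ACCEPT"
        # 2. stateful inspection: accept replies to connections opened from inside
        if (pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto) in self.established:
            return "ACCEPT"
        # 3. protocol/port rule for unsolicited inbound traffic: public FTP
        #    (TCP port 21) is allowed only to the designated FTP server
        if pkt.proto == "tcp" and pkt.dport == 21:
            return "ACCEPT" if pkt.dst == FTP_SERVER else "DROP"
        return "DROP"  # default deny for everything else

if __name__ == "__main__":
    fw = Firewall()
    print(fw.check(Packet("198.51.100.20", "10.0.0.5", "tcp", 21, 50000)))  # ACCEPT
    print(fw.check(Packet("198.51.100.20", "10.0.0.6", "tcp", 21, 50000)))  # DROP
```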
