If you use the Internet on your computer regularly, you must have come across the term “firewall.” We often see it when Windows suggests turning on the firewall, or in an antivirus firewall warning. Sometimes a piece of software says that the firewall is blocking its connection. These are a few examples of where the word “firewall” appears in relation to computers and the Internet. In this detailed post, I will try to explain what a firewall is and how it works to protect our computer.
What Is a Firewall?
A firewall is a barrier between your computer and the Internet that filters out suspicious requests and intruders. A firewall can be either a software program or a hardware device that tries to keep your computer secure from intruders and suspicious programs trying to access it from the network. Many operating systems have a built-in software firewall to protect the computer from threats.
The firewall also aims to give the system user or network admin control over incoming and outgoing network traffic by analyzing packets. If a network admin wants to block a specific kind of packet, they can define that in the firewall.
For example, a company has an internal network. The company's administrator does not want employees to connect to certain websites and wants to restrict file transfers from the Internet. They can use a firewall to deny these things easily.
How a Firewall Manages Packets
A firewall determines which packets should be accepted, denied or filtered based on its policy. The firewall has a management program that can be configured in two ways to set the default policy.
Default deny policy: the firewall denies by default, and the network administrator defines which services and packets they want to accept. All other packets will be denied.
Default allow policy: the firewall allows by default, and the network administrator defines which services and packets they want to deny. All other packets will be accepted.
In Windows, Microsoft has given us a simple and user-friendly firewall that attempts to hide all the complexity. Whenever an application tries to connect to the Internet, the firewall asks whether to allow it. If we allow the application to access the Internet, the firewall adds a rule for that application. You can also add or remove rules in Windows Firewall, which can be found in the Control Panel.
Figure: Add programs in Windows Firewall allowed list
Packet Filtering Firewall
A packet filtering firewall contains a list of security rules that are used to block traffic based on IP protocol, IP address, and port number. These are very basic firewalls and can be described as the first generation of firewalls.
It inspects the packets transferred between computers and the Internet. If a packet matches the filter’s rule, the packet filter will drop the packet or reject it.
The only problem with these firewalls is that they filter packets based on the information contained in the packets. They have no way to tell the difference between a legitimate return packet and a packet that pretends to be from an established connection. This kind of firewall mainly works on the first three layers of the OSI reference model, and most of the work is done between the network and physical layers.
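The sketch below is an added example, not code from the original post. It models the two default policies described above and the packet filter's blind spot: a rule for "return" traffic matches on header fields alone, so a packet no one asked for gets the same verdict as a genuine reply. The names Packet, Rule and verdict, the rule sets and all addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str                    # "accept" or "deny"
    proto: str = "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    sport: Optional[int] = None    # None matches any port
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return (self.proto in ("any", p.proto)
                and ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.sport in (None, p.sport)
                and self.dport in (None, p.dport))

def verdict(rules, default, p):
    """First matching rule decides; unmatched packets get the default policy."""
    return next((r.action for r in rules if r.matches(p)), default)

LAN = "192.168.1.0/24"  # constructed addresses (RFC 1918 / RFC 5737 ranges)
DEFAULT_DENY = [   # list what to accept; everything else is denied
    Rule("accept", "tcp", src=LAN, dport=443),   # outbound HTTPS
    Rule("accept", "tcp", dst=LAN, sport=443),   # "return" traffic, by header only
]
DEFAULT_ALLOW = [  # list what to deny; everything else is accepted
    Rule("deny", "tcp", src=LAN, dport=23),      # block outbound telnet
]

request     = Packet("tcp", "192.168.1.20", 50000, "203.0.113.10", 443)
reply       = Packet("tcp", "203.0.113.10", 443, "192.168.1.20", 50000)
unsolicited = Packet("tcp", "198.51.100.7", 443, "192.168.1.20", 50000)  # no request preceded it
telnet      = Packet("tcp", "192.168.1.20", 50001, "203.0.113.10", 23)
ftp         = Packet("tcp", "192.168.1.20", 50002, "203.0.113.10", 21)

if __name__ == "__main__":
    for name, p in [("request", request), ("reply", reply),
                    ("unsolicited", unsolicited), ("telnet", telnet), ("ftp", ftp)]:
        print(f"{name:12} default-deny={verdict(DEFAULT_DENY, 'deny', p):7}"
              f" default-allow={verdict(DEFAULT_ALLOW, 'accept', p)}")
```

The filter keeps no record of the earlier request, so `reply` and `unsolicited` are indistinguishable to it. The `ftp` packet shows the policy difference: denied under default deny, accepted under default allow.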