SHREE LEARNING ACADEMY

Firewall and its Types

Introduction: What is a Firewall?

A firewall is like a security guard for your computer network. It's either a piece of hardware, like a box that your internet cable plugs into, or software that runs on your computer. Its job is to make sure that the data going in and out of your network is safe and only what you want to allow.

How Does a Firewall Work?

Imagine your network as a big office building and the firewall as the receptionist at the front desk. Just like the receptionist checks who comes in and out, the firewall looks at all the "data packets" traveling into and out of your network. It uses a set of rules called "filters" to decide what gets through and what doesn't.

Filter Rules: The Building Blocks

Filters are the instructions you give to your firewall. They basically tell the firewall to allow, deny, or take note (log) of certain types of data based on where they're coming from, where they're going, or what kind of data they are. For example, you might have a filter that allows emails to come in but blocks any data from a specific website.

Priority Sequence of Filters

Filters are checked in a certain order. Think of it as the receptionist's checklist. This sequence is important because some rules might conflict with each other. The first rule that matches the data packet will be the one applied.

Different Types of Firewalls

Packet Filter Firewall

This is the simplest type. It's like a receptionist who only checks the ID badges without caring about the purpose of the visit. It looks at each data packet independently and applies the filter rules based solely on the source and destination of that packet.

Circuit-Level Gateway

Imagine a more advanced receptionist who also checks why you’re visiting the building. This firewall establishes a "circuit" or path for trusted sessions. It’s more concerned with the nature of the connection than with individual packets.

Application-Level Gateway

This is like a receptionist who checks your ID, asks about your visit, and even inspects what you’re carrying. It's more thorough and examines the data in the packets themselves, such as the kind of application the data is intended for.

Stateful Inspection Firewall

This is a mix of all the previous types. It's like a receptionist who keeps a log of everyone who comes in and their reasons, and who ensures everyone follows the rules. It keeps track of the "state" of active connections and makes decisions based on the context.

Firewall Policy: The Rulebook

A firewall policy is like the rulebook the receptionist follows. It outlines the objectives of the firewall (like blocking harmful websites) and provides the filtering criteria (such as allowing only work-related sites).

Special Cases: Dual-Homed and Multihomed Firewalls

Some firewalls are connected to more than one network, which is known as being dual-homed or multihomed. This is like having a receptionist for multiple doors; it adds an extra layer of complexity and security.

DMZ: A Special Area for Public Servers

DMZ stands for "Demilitarized Zone." This is like a public lobby in a building where visitors are allowed but can’t access the secure areas. Here, you might place servers that need to be publicly accessible, like your company website.

VPN and Firewalls

A VPN, or Virtual Private Network, is like a secure tunnel through the internet. When you're configuring a firewall, you need to make sure that this tunnel is considered safe and allowed to connect.

Ingress vs. Egress Filters

"Ingress" filters control the data coming into your network, while "egress" filters control the data going out. Think of ingress as the entrance door and egress as the exit door, both supervised by the same receptionist (firewall).

ACL: Access Control Lists

ACL stands for "Access Control List." This is the actual list the receptionist consults to see who’s allowed in and who’s not. It's like a detailed guest list for a party, specifying who can come and what they can bring.

Application-Based vs. Network-Based Firewalls

An application-based firewall focuses on applications on your computer (like your web browser), while a network-based firewall focuses on protecting the entire network. Imagine one receptionist for a specific department and another for the entire building.

Stateless vs. Stateful Firewalls

A stateless firewall checks each packet of data in isolation, like a receptionist who doesn’t remember you from your last visit. A stateful firewall remembers past actions, providing a more nuanced level of security.
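
The difference shows up on return traffic. The Python sketch below is an added example, not code from this page or from any firewall product; the Packet fields, the port-443 rule and the addresses are constructed for illustration, and it ignores TCP flags and timeouts that real connection tracking uses.

```python
from typing import NamedTuple

class Packet(NamedTuple):
    direction: str   # "out" = leaving the network, "in" = arriving
    src: str
    sport: int
    dst: str
    dport: int

def stateless_filter(pkt):
    """Judge each packet alone: outbound is allowed, and inbound is
    allowed if it claims to come from a web server (source port 443)."""
    return pkt.direction == "out" or pkt.sport == 443

class StatefulFilter:
    """Remember outbound connections and admit only their replies."""

    def __init__(self):
        self.connections = set()   # (src, sport, dst, dport) seen going out

    def check(self, pkt):
        if pkt.direction == "out":
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # An inbound packet is a reply only if it mirrors a tracked connection.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections

# Constructed traffic: a request, its reply, and an unsolicited look-alike.
TRAFFIC = [
    Packet("out", "10.0.0.5", 51000, "198.51.100.10", 443),
    Packet("in", "198.51.100.10", 443, "10.0.0.5", 51000),
    Packet("in", "192.0.2.99", 443, "10.0.0.5", 51000),
]

def compare(packets):
    """Return (stateless verdict, stateful verdict) for each packet in order."""
    stateful = StatefulFilter()
    return [(stateless_filter(p), stateful.check(p)) for p in packets]

if __name__ == "__main__":
    for pkt, verdicts in zip(TRAFFIC, compare(TRAFFIC)):
        print(pkt, verdicts)
```

The third packet passes the stateless check because it looks like web traffic, while the stateful filter rejects it because no inside host ever opened that connection.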

Implicit Deny: The Default Security Stance

This is the “better safe than sorry” approach. If a data packet doesn't meet any of the allow rules, it’s automatically denied. Imagine a receptionist who, when in doubt, doesn't let someone through.
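
The first-match behaviour from "Priority Sequence of Filters" and the implicit deny described here can be shown together. The Python sketch below is an added example, not code from this page or from any firewall product; the Rule class, the rule sets and the addresses (documentation ranges) are constructed for illustration. It also reports shadowed rules, meaning rules that can never apply because an earlier rule always matches first.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str               # "allow" or "deny"
    src: str                  # source network, CIDR notation
    dst_port: Optional[int]   # None = any destination port

    def matches(self, src_ip: str, dst_port: int) -> bool:
        in_net = ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
        return in_net and self.dst_port in (None, dst_port)

    def covers(self, other: "Rule") -> bool:
        """True if every packet matching `other` also matches this rule."""
        inside = ipaddress.ip_network(other.src).subnet_of(
            ipaddress.ip_network(self.src))
        return inside and self.dst_port in (None, other.dst_port)

def evaluate(rules, src_ip, dst_port):
    """First matching rule decides; no match falls through to implicit deny."""
    for index, rule in enumerate(rules):
        if rule.matches(src_ip, dst_port):
            return rule.action, index
    return "deny", None   # implicit deny: no rule allowed the packet

def shadowed(rules):
    """(earlier, later) index pairs where the later rule can never be reached."""
    return [(i, j) for j in range(len(rules)) for i in range(j)
            if rules[i].covers(rules[j])]

# Constructed rule set: block one network, allow inbound mail from anywhere.
BLOCK_FIRST = [
    Rule("deny", "203.0.113.0/24", None),
    Rule("allow", "0.0.0.0/0", 25),
    Rule("allow", "203.0.113.0/28", 443),   # unreachable behind rule 0
]
# Same rules with the first two swapped: mail from the blocked network gets in.
ALLOW_FIRST = [BLOCK_FIRST[1], BLOCK_FIRST[0], BLOCK_FIRST[2]]

if __name__ == "__main__":
    print(evaluate(BLOCK_FIRST, "203.0.113.7", 25))
    print(evaluate(ALLOW_FIRST, "203.0.113.7", 25))
    print(evaluate(BLOCK_FIRST, "198.51.100.5", 22))
    print(shadowed(BLOCK_FIRST))
```

The same packet is denied or allowed depending only on rule order, and a packet that matches nothing is denied without any explicit rule saying so.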

Conclusion

Firewalls are a crucial part of network security, providing a range of options to control the flow of traffic. By understanding the various types and features, you can tailor a security solution that best suits your needs. Remember, the aim is to create a rulebook that's comprehensive yet flexible, safeguarding your network while still letting you get your work done.

