Why a Firewall?
If you are connected to the Internet (you are reading this page so we will assume for the moment that you are) then you should have a Firewall.
A Firewall protects the hosts, machines, services and appliances on your internal network from intrusion from outside, and limits, restricts or blocks access from your own network, machines, services and appliances to external resources and services on the Internet. It may also provide NAT (Network Address Translation).
What is a Firewall?
In a nutshell a Firewall is either a piece of hardware or software used to protect a network (a network can consist of just one computer). If you are connected to the Internet then you are connected to a network; the word Internet literally means inter-networking, the connection of networks.
It is connected to:
- The network that it is protecting (Your home or office network).
- The network that it needs to protect you from (Most likely the Internet).
A Firewall sits at the junction point or gateway between the two networks. As the name suggests, Firewalls, like the physical firewalls in buildings, exist to stop damage spreading from one area to another, most probably from the Internet to your home or business network.
Who needs a Firewall?
Anyone who connects to the Internet needs Firewall protection. Irresponsible pranksters, 'script kiddies', crackers, hackers, criminals, people who are just curious and other people with malicious intent are running automated programs scanning for openings into systems all the time. People who do not protect themselves are liable to lose hours or days of work. Malicious programs that get into your computer and / or network can cause loss of data, steal your bandwidth and cause you to have to reinstall your computer.
What different types of Firewalls are there?
There are several types of Firewall, and as they are often referred to in different ways and by product name, we will list them here in terms of how they work.
- Packet Filters (Often found on Routers).
- Circuit Gateways (Again often found on Routers).
- Application Gateways (Found either on individual computers or servers).
- Stateful multi-layer inspection Firewalls (Professional quality routers and advanced software applications).
Packet Filters
Packet filter Firewalls work at the network level and are most often part of a router. A router receives information (in the form of packets) from one network and forwards it to another network, i.e. from the Internet (a network) to your home or office network. In this type of Firewall each packet is compared against a predetermined set of rules, after which the Firewall either:
- Forwards the packet.
- Drops the packet.
- Sends a message back to the sender.
Rules can include:
- Source IP.
- Destination IP.
- Source Port Number.
- Destination Port Number.
- Protocol.
- MAC Address.
The best things about Packet Filters are that they are relatively inexpensive and that they have a minimal effect on network performance. Many (but not all) routers support packet filtering.
Even if you use other security measures and Firewalls within your network or on your computer, filtering in your router provides a first layer of security at minimal cost, both in price and in network speed. However, simple Packet Filters are stateless: each packet is judged on its own header, so the filter cannot tell a reply to a connection you opened from an unsolicited packet, and rules that depend on that context are not possible. Rule order also matters, since the first matching rule normally decides the packet's fate. NAT (Network Address Translation) capable routers offer all the advantages of packet filters, can hide the IP addresses of computers on your network, and offer a level of circuit-based filtering.
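The following is an added example, not code from this page, showing how a stateless packet filter of the kind described above evaluates packets: each rule matches on the header fields listed (source and destination IP, ports, protocol, MAC address), the first matching rule decides whether the packet is forwarded, dropped or rejected, and a default policy (allow everything unless a rule matches, or deny everything unless a rule matches) applies when nothing matches. The addresses, rule set and sample packets are constructed for illustration from the documentation address ranges; they are not real traffic.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    """Header fields a packet filter looks at (constructed sample, not captured traffic)."""
    src_ip: str
    dst_ip: str
    proto: str                      # "tcp", "udp" or "icmp"
    src_port: Optional[int] = None  # None for protocols without ports (icmp)
    dst_port: Optional[int] = None
    src_mac: Optional[str] = None


@dataclass(frozen=True)
class Rule:
    """One filter rule; every field left as None is a wildcard."""
    action: str                     # "forward", "drop" (silent) or "reject" (message back to sender)
    proto: Optional[str] = None
    src: Optional[str] = None       # CIDR, e.g. "203.0.113.0/24"
    dst: Optional[str] = None
    src_port: Optional[int] = None
    dst_port: Optional[int] = None
    src_mac: Optional[str] = None

    def matches(self, p: Packet) -> bool:
        if self.proto is not None and self.proto != p.proto:
            return False
        if self.src is not None and ip_address(p.src_ip) not in ip_network(self.src):
            return False
        if self.dst is not None and ip_address(p.dst_ip) not in ip_network(self.dst):
            return False
        if self.src_port is not None and self.src_port != p.src_port:
            return False
        if self.dst_port is not None and self.dst_port != p.dst_port:
            return False
        if self.src_mac is not None and self.src_mac != p.src_mac:
            return False
        return True


def filter_packet(rules: List[Rule], p: Packet, default: str = "drop") -> str:
    """First matching rule wins; the default policy applies when no rule matches."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return default


# Constructed rule set for a router facing the Internet and protecting 192.0.2.0/24.
INBOUND_RULES = [
    # Private source addresses never legitimately arrive from the Internet: treat as spoofed.
    # These come first so they win even for ports that are open to the world below.
    Rule("drop", src="10.0.0.0/8"),
    Rule("drop", src="192.168.0.0/16"),
    # Public web server, reachable from anywhere.
    Rule("forward", proto="tcp", dst="192.0.2.10/32", dst_port=80),
    # SSH only from the administrators' network.
    Rule("forward", proto="tcp", src="203.0.113.0/24", dst="192.0.2.10/32", dst_port=22),
    # Telnet: tell the sender it is refused rather than silently dropping.
    Rule("reject", proto="tcp", dst_port=23),
]

# Constructed sample packets (hypothetical addresses).
SAMPLES = {
    "web": Packet("198.51.100.7", "192.0.2.10", "tcp", 51000, 80),
    "ssh_admin": Packet("203.0.113.5", "192.0.2.10", "tcp", 51001, 22),
    "ssh_other": Packet("198.51.100.7", "192.0.2.10", "tcp", 51002, 22),
    "telnet": Packet("198.51.100.7", "192.0.2.10", "tcp", 51003, 23),
    "spoofed_web": Packet("10.1.2.3", "192.0.2.10", "tcp", 51004, 80),
}


def decide_all(default: str) -> dict:
    """Evaluate every sample packet under one default policy ("drop" or "forward")."""
    return {name: filter_packet(INBOUND_RULES, p, default) for name, p in SAMPLES.items()}


if __name__ == "__main__":
    for policy in ("drop", "forward"):
        print(f"default policy: {policy}")
        for name, verdict in decide_all(policy).items():
            print(f"  {name:12} -> {verdict}")
```

Run it under both default policies and compare the "ssh_other" packet: with deny-by-default it is dropped because no rule grants SSH from that source, with allow-by-default it sails through. The spoofed packet is dropped under both policies only because the anti-spoofing rules sit above the web rule; move them below it and the same packet is forwarded.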
Circuit Gateways
Circuit Gateways monitor the TCP handshake between two hosts to determine whether a requested session is legitimate, and then relay the packets of that session. Information passed to a remote computer through a circuit level gateway appears to have originated from the gateway. This is very useful as it allows information about the internal network to be hidden. Circuit Gateways are fairly inexpensive. However, once a session has been accepted they do not examine the individual packets within it, so anything carried inside a permitted session passes through.
Application Gateways
Application Gateways are also commonly called proxies and are similar to circuit-level gateways except that they are application specific. Application Gateways are fairly high maintenance, as each computer in the network has to be configured to use them, and they are also pretty costly in network terms. You have probably heard of Zone Alarm, which is sold as a Firewall but is really a host-based program that controls which applications on the computer may use the network, rather than a gateway between two networks; whether that is a Firewall depends on how you define the term, but so many people refer to such products as Firewalls that we are including them in this section.
Application Gateways filter at the application level, providing a proxy between your network connection and your application. Incoming or outgoing packets cannot access services for which there is no proxy.
Application Gateways can also be used to log user activity and logins. They do offer a high level of security (when correctly set up), but at the cost of network performance.
There are also Application Gateways that function on servers or on specialised boxes. These are referred to as 'Security Appliances' and are somewhat beyond the scope of this brief overview.
Stateful Inspection Firewalls
Stateful Inspection (also referred to as dynamic packet filtering) checks that each packet is consistent with the connection it claims to belong to. For TCP this means checking that the header flags are valid for the current stage of the connection (a SYN/ACK, for example, is only expected in reply to a SYN the firewall has already seen) and, in most implementations, that sequence and acknowledgement numbers fall within the expected window.
Stateful inspection works at the network and transport layers. Unlike static packet filtering, which examines each packet in isolation based on the information in its header, stateful inspection tracks each connection traversing any interface of the firewall and makes sure every packet belongs to a valid connection.
A stateful firewall may also examine not just the header information but the contents of the packet up through the application layer, in order to learn more about the packet than its source and destination.
A stateful inspection firewall monitors the state of each connection and records it in a state table. Because of this, filtering decisions are based not only on administrator-defined rules (as in static packet filtering) but also on context established by packets that have already passed through the firewall.
This also defeats casual port scanning: a packet arriving from outside that does not belong to a connection in the state table (such as the SYN or ACK probes a scanner sends) is dropped, so every port appears closed unless a rule explicitly exposes it or an inside host has opened the connection itself.
Stateful Inspection was created to prevent an attacker from sending unrequested and possibly harmful packets to your network or computer. Stateful Inspection is these days a normal part of personal firewalls.
Stateful Inspection does cause some problems however, for instance with videoconferencing and VoIP calls, as these sometimes require a user outside your network to initiate a connection to a user inside the network. There are workarounds, such as a port forwarding rule that explicitly exposes the port the call needs, or a protocol-aware helper in the firewall that opens the required ports for the duration of the call.
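The following is an added example, not code from this page, of the state table and handshake tracking described in this section for TCP. A connection may only be opened by a bare SYN; SYNs from the inside network are accepted, SYNs from outside are accepted only towards services that have been explicitly exposed (the port forwarding workaround mentioned above), and every other segment must match an existing table entry and the handshake step that entry expects. The scenarios at the end walk an outbound connection through its handshake, then show that an unsolicited inbound SYN, an ACK-scan probe and a forged SYN/ACK are all dropped. Addresses, ports and segments are constructed for illustration; sequence-number checking and connection timeouts, which a real implementation also performs, are left out.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import Dict, Iterable, Set, Tuple


@dataclass(frozen=True)
class Segment:
    """A TCP segment reduced to the header fields the tracker needs (constructed, not captured)."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    flags: str  # "S" SYN, "SA" SYN/ACK, "A" ACK, "FA" FIN/ACK, "R" RST


@dataclass
class Conn:
    """One row of the state table."""
    initiator: str              # IP that sent the first SYN
    state: str                  # SYN_SENT -> SYN_RECV -> ESTABLISHED -> CLOSING
    fins: Set[str] = field(default_factory=set)


Key = Tuple[str, int, str, int]


class StatefulFirewall:
    def __init__(self, inside: str, exposed: Iterable[Tuple[str, int]] = ()):
        self.inside = ip_network(inside)      # the protected network
        self.exposed = set(exposed)           # (ip, port) services reachable from outside
        self.table: Dict[Key, Conn] = {}      # the state table

    @staticmethod
    def _key(s: Segment) -> Key:
        # Direction-independent key so a reply finds the entry created by the first SYN.
        a = (s.src_ip, s.src_port, s.dst_ip, s.dst_port)
        b = (s.dst_ip, s.dst_port, s.src_ip, s.src_port)
        return min(a, b)

    def process(self, s: Segment) -> str:
        """Return "forward" or "drop" for one segment, updating the state table."""
        key = self._key(s)
        conn = self.table.get(key)

        if conn is None:
            if s.flags != "S":
                return "drop"  # stray ACK, SYN/ACK or RST with no connection: scan or forged reply
            from_outside = ip_address(s.src_ip) not in self.inside
            if from_outside and (s.dst_ip, s.dst_port) not in self.exposed:
                return "drop"  # unsolicited inbound SYN: the port looks closed to the scanner
            self.table[key] = Conn(initiator=s.src_ip, state="SYN_SENT")
            return "forward"

        if "R" in s.flags:
            del self.table[key]  # a reset from either side tears the connection down
            return "forward"

        if conn.state == "SYN_SENT":
            if s.flags == "S" and s.src_ip == conn.initiator:
                return "forward"  # retransmitted SYN
            if s.flags == "SA" and s.src_ip != conn.initiator:
                conn.state = "SYN_RECV"
                return "forward"
            return "drop"  # wrong flags or wrong direction for this stage

        if conn.state == "SYN_RECV":
            if s.flags == "A" and s.src_ip == conn.initiator:
                conn.state = "ESTABLISHED"
                return "forward"
            return "drop"

        # ESTABLISHED or CLOSING: data flows both ways until both sides have sent FIN.
        if "F" in s.flags:
            conn.state = "CLOSING"
            conn.fins.add(s.src_ip)
            if len(conn.fins) == 2:
                del self.table[key]  # a real firewall keeps a short TIME_WAIT entry here
        return "forward"


def run_scenarios() -> Dict[str, str]:
    """Constructed traffic: inside host, an outside web server and an outside scanner."""
    fw = StatefulFirewall("192.168.1.0/24", exposed={("192.168.1.30", 80)})
    inside, server, scanner = "192.168.1.20", "198.51.100.7", "198.51.100.9"
    r = {}
    # 1. Outbound HTTPS connection opened from inside: the full handshake and reply data pass.
    r["out_syn"] = fw.process(Segment(inside, 40000, server, 443, "S"))
    r["out_synack"] = fw.process(Segment(server, 443, inside, 40000, "SA"))
    r["out_ack"] = fw.process(Segment(inside, 40000, server, 443, "A"))
    r["out_data_in"] = fw.process(Segment(server, 443, inside, 40000, "A"))
    # 2. Unsolicited inbound SYN to the same inside host: no entry, not exposed.
    r["in_syn_unsolicited"] = fw.process(Segment(scanner, 5555, inside, 443, "S"))
    # 3. ACK scan: a bare ACK with no state, aimed at the port the inside host is using.
    r["ack_scan"] = fw.process(Segment(scanner, 4444, inside, 40000, "A"))
    # 4. Forged SYN/ACK for a connection nobody opened.
    r["forged_synack"] = fw.process(Segment(scanner, 443, inside, 40001, "SA"))
    # 5. SYN/ACK sent by the initiator itself: right flags, wrong direction for SYN_SENT.
    fw.process(Segment(inside, 40002, server, 443, "S"))
    r["synack_wrong_direction"] = fw.process(Segment(inside, 40002, server, 443, "SA"))
    # 6. Inbound SYN to an explicitly exposed service (the port forwarding workaround).
    r["in_syn_exposed"] = fw.process(Segment(server, 6000, "192.168.1.30", 80, "S"))
    r["in_synack_exposed"] = fw.process(Segment("192.168.1.30", 80, server, 6000, "SA"))
    return r
```

Scenarios 2 and 3 are the port-scanning point made above: the inside host really is using port 40000 for its own connection, but the scanner's probe does not belong to the table entry (different peer address and port), so it is dropped and the port looks closed. Scenario 6 shows the cost of exposing a service: once (192.168.1.30, 80) is in the exposed set, anyone outside can open a connection to it, which is exactly what a VoIP or videoconferencing setup has to accept.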
Is a Firewall all I need to be secure?
The Firewall is a pretty essential part of securing your network. However you need further measures to ensure the safety of your data. We heartily recommend that you have a good anti-virus programme as well as a Firewall for anything approaching reasonable security (see our anti-virus section for more information).
Benefits of a Firewall
Firewalls protect private local area networks from attack from the Internet. Many LANs (Local Area Networks) are now connected to the Internet. Without Firewall protection connecting a network to the Internet would be a very high security risk.
Firewalls can allow selective access to internet services. For instance a service that would not be used can be closed off reducing risk. Some computers can be granted more access than others and so on.
What does a Firewall do?
A Firewall examines all information passed between the two networks to see if it passes predefined tests. Depending on the results of these tests the Firewall will then either
- Pass the Information on.
- Stop the Information being passed.
It can also manage external access to services on the host network, and it can be used to log all attempts to enter the host network. Firewalls can filter packets based on their source and destination addresses and port numbers; this is known as address filtering. Firewalls can also filter specific types of network traffic; this is known as protocol filtering because the decision to forward or reject traffic is dependent upon the protocol used, for example HTTP, FTP or Telnet. Firewalls can also filter traffic by packet attribute or connection state.
What can't a Firewall do?
Carelessness cannot be controlled by Firewalls!
How does a Firewall work?
There are two basic policies a Firewall can follow when deciding what to stop:
- Allow all traffic unless a rule is matched.
- Deny all traffic unless a rule is matched.
The type of rules used to determine whether traffic should be allowed through varies from one type of Firewall to another.
Firewalls may be concerned with:
- The type of traffic (protocol).
- The source IP.
- The destination IP.
- The source Port.
- The destination Port.
- The MAC Address.
- All of the above.
NOTE: The above describes a Firewall sitting between two networks. A host-based Application Gateway runs on the computer itself rather than on the network: if such software is the only Firewall in use then every packet reaches the computer, and the software decides, per application, what to do with the traffic it has received.
A dedicated Firewall (a separate box or a filtering router) handles each packet before it ever reaches the protected computer's operating system, so there is no direct path from the Internet to that operating system. Host-based products achieve something similar with a driver that inspects packets before the rest of the system sees them. Either way it is much harder for an intruder to reach a vulnerable service on the host computer.
Firewall problems
There are problems that come with using firewalls. However, these problems are worth putting up with, as the alternatives are either no Internet access or no security, and it is obvious that neither of these is likely to be acceptable.
- Firewalls can cause bottlenecks as all information passing into and out of your network needs to pass through the firewall and depending on the kind of firewall and how it is operating then this can slow things down.
- Firewalls by their very nature restrict access (that is in essence what they are for) and some users aren't going to like that. If you are a business then you at least have the option to say 'Tough' at this point as long as access is good enough to work safely. You may have to argue harder with members of your family.
