What are firewalls
14:50, 30.01.2023
A firewall is a network security system that filters all traffic according to preset principles and rules. If you imagine a server as a small apartment building, the Firewall is a diligent guard, which monitors the order day and night and does not let in anyone who arouses even the slightest suspicion.
There are following types of firewalls:
- Software firewall. Specialized software is installed on a VPS or a dedicated server, in the configuration file are prescribed certain rules, in accordance with which the filtering of incoming and outgoing traffic will be carried out. A striking example is the Windows firewall, which is built into the operating system by default.
- Hardware firewall. A more reliable and expensive option that allows you to effectively protect the corporate network from DDoS attacks and other hacking attempts. Hardware-software complexes, known as security appliances, are fully autonomous systems that require almost no pre-configuration before introduction into the network. They can be managed remotely via SNMP, Telnet, SSH, or SSL.
The second option is way more preferable for securing branched corporate networks at the expense of increased fault tolerance and performance.
Varieties of Firewalls and how they work
Information between servers and computers on the Internet is transmitted in packets – small pieces of data that contain some information. When you send a file to someone, it is divided into packets, transmitted over the network, and reassembled on the spot according to specific instructions. The firewall is there to analyze and inspect these data packets for the introduction of malicious code. If the "barrier" deems a packet suspicious, it will simply block it, thus preventing a threat to the destination server.
There are two kinds of firewalls:
- Stateful. Analyzes the data in the stream, and decides on traffic filtering based on several prescribed algorithms. Analysis of IP address, protocol, packet length, application, port number, and L3 information allows malicious packets to be identified and filtered with high accuracy. A good solution for corporate networks with high outbound traffic.
- Stateless. Less flexible, but extremely effective due to strict adherence to specified ACL rules. This firewall is the best option for small projects with a low threat level.
Both types of firewalls have their own specific applications, but the first option – Stateful – is considered more reliable and flexible.
Do you need a firewall?
The firewall protects the network on several levels simultaneously:
- Prevents unauthorized access. For example, it can suppress attempts to download the client base from a masked IP if the access settings are checked.
- Blocks the transfer of dangerous data. Imagine a company employee bringing to work an infected thumb drive with a virus that, once activated, can collect the necessary data and send it outside to the creator of the malware. The firewall, if configured correctly, can prevent this from happening even if the network is successfully infected. Remember that the barrier works both ways.
- Protects your corporate network from cyberattacks and DDoS. There is a set of rules that will help suppress any attempts to "take down" the server.
Here, however, there are nuances, and no firewall can provide 100% protection against DDoS attacks. The degree of protection increases, and with the right configuration of firewalls, DDoS attacks will be much less effective, but practice shows that even large companies from time to time are subjected to such attacks, and sometimes hackers even do manage to achieve their goals.
Increase the efficiency of DDoS protection with multi-level filters at L3, L4, and L7 levels using Reverse Proxy technology.
Who needs protection with a firewall?
A firewall is necessary for any project that is connected to the Internet and that regularly receives data "from the outside". Installing and configuring the firewall will not require a serious investment, the first thing you need here is a competent system administrator or cybersecurity specialist who can properly configure the software, and prescribe all the necessary rules and algorithms.
There are also ready-made solutions that can be connected "out of the box" to an existing corporate network. They require minimal time and effort to implement but also cost a lot more. If you have any questions, please contact our specialists through Livechat.