In this article I describe the role of the firewall in network security. The firewall is the main device used for network security in all networks. It works like a barrier between your own network and the internet or WAN. The firewall is placed at the edge of the network so that all data packets can be checked for security. It can drop or allow data packets. A firewall may be hardware, software or both. Generally, a firewall performs three actions: accept, reject and drop. Accept means the traffic is allowed. Reject means the traffic is blocked and the sender receives the reply “host is unreachable”. Drop means the traffic is blocked with no reply.
There are many types of vulnerability in a network connected to the internet. Hackers from all over the world always try to get information from any network. You can keep your network safe from these attacks by understanding some basic network security concepts and using a firewall in your network. Today a lot of devices transfer data over the internet across wired, wireless and cellular networks.
Network security protects devices from unauthorised access and malicious activities. Malicious activities can modify or destroy data. The major cause of data theft is the frequent use of the internet from mobile devices and computers. We share personal data on social sites and carry out financial transactions on the internet. Data shared on the internet is always at risk from hackers and attackers. Network security is necessary to keep data safe from unauthorised access. We can prevent attacks on our devices by using a firewall in network security.
Suppose person A wants to send an email to person B. A third person, C, is present in the same network, captures the data and alters some of the text. In another case, suppose person A shares some financial details with person B. It is possible that person C fetches the details and uses them later for online fraud or money theft. So we can say the purpose of a network attack is to steal information from a computer device. There are multiple types of threats that hackers can use to steal information from a network.
What is network security?
Network security is necessary to protect our own networking devices and clients from unauthorized access, destruction, malfunction and so on. The internet is the main source of security threats. We manage the network to protect it from these threats. We can say network security is all about protecting our internet-connected computers from viruses and hackers. You can manage network security by using firewalls, routers and similar devices. If we compromise our own network security, we allow unknown persons unauthorized access.
Requirement of firewall in network security
Routers provide a facility to check incoming and outgoing traffic by using ACLs (access control lists). Before firewalls, routers performed the security tasks. An ACL checks the IP address of a packet to allow or deny its passage. ACLs are IP address specific. A firewall checks the type of data packet by the port number tagged on the packet. ACLs do not filter packets on a service or port basis. To overcome this problem, the firewall was introduced.
Working of firewall in network security
A firewall works on pre-set rules defined by the network administrator. Each incoming and outgoing data packet is examined against these predefined rules. After checking the data packet, the firewall decides to allow, reject or deny it. Data traffic in a network may be incoming or outgoing, and rules can be set accordingly for each direction. By default, all data packets are denied by the firewall. The network administrator must define which kinds of data packets are allowed into the network. A firewall by itself cannot take decisions on the incoming and outgoing traffic passing through it. It follows the programmed rules created by the network administrator. If incoming packets match the predefined rules, they are allowed to enter the network. Data packets are also rejected and denied according to the predefined rules.
Process of Packet filtering by firewall in network security
Data packets contain the source and destination address. This IP address based filtering can be done by ACLs in a router. A firewall does something different with data packets. Data packets contain the port number related to a service, and the firewall checks these port numbers to take a decision on each packet. For example, if a firewall has a rule to allow access to web services at port 80 only, then the firewall denies all packets except HTTP service packets. Data packet filtering is done at the network layer.
Generations of firewall in network security
Firewalls can be divided into generations according to how they have changed over time. First-generation firewalls are known as packet filtering firewalls. A first-generation firewall works on the source and destination IP addresses, protocols and port numbers of the data packets. It works on the transport layer.
Second-generation firewalls are known as stateful inspection firewalls. They check the connection state of a data packet. A second-generation firewall keeps track of network connection state, such as TCP streams. Second-generation firewalls are more efficient than first-generation firewalls.
Third-generation firewalls are known as application layer firewalls. These firewalls can filter data packets up to the application layer of the OSI model. Generally, application layer firewalls run on proxy servers. They can allow or block traffic based on the rules predefined in them.
The Next Generation Firewall is generally known as NGFW. An NGFW provides features to stop the latest security breaches, such as malware attacks and application layer attacks in the network. It performs deep inspection of the data packets going through it. Generally, an NGFW checks SSL, SSH and the type of service for a packet.
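The connection tracking that distinguishes second-generation (stateful inspection) firewalls can be shown with a small state table. This is an added example, not code from the original article; the `StatefulFirewall` class, the inside prefix, the simplified TCP states and the sample addresses are assumptions, and real firewalls also track sequence numbers, the full close handshake and timeouts.

```python
from ipaddress import ip_address, ip_network

class StatefulFirewall:
    """Simplified model: only inside hosts may open TCP connections."""

    def __init__(self, inside="10.0.0.0/8"):
        self.inside = ip_network(inside)
        self.table = {}    # (client, cport, server, sport) -> "SYN_SENT" | "ESTABLISHED"

    def process(self, src, sport, dst, dport, flags):
        flags = set(flags.split("+"))
        outbound = ip_address(src) in self.inside
        # Both directions of one connection map to the same table key.
        key = (src, sport, dst, dport) if outbound else (dst, dport, src, sport)
        state = self.table.get(key)
        if outbound and flags == {"SYN"}:
            self.table[key] = "SYN_SENT"          # new connection: create state
            return "accept"
        if state is None:
            return "drop"                         # packet belongs to no tracked connection
        if state == "SYN_SENT":
            if not outbound and flags == {"SYN", "ACK"}:
                self.table[key] = "ESTABLISHED"   # server answered the handshake
                return "accept"
            return "drop"                         # anything else is out of state
        if flags & {"FIN", "RST"}:
            del self.table[key]                   # simplified teardown: forget at once
        return "accept"

def demo():
    fw = StatefulFirewall()
    trace = [   # constructed packets: (src, sport, dst, dport, TCP flags)
        ("10.0.0.5", 40000, "203.0.113.80", 80, "SYN"),
        ("203.0.113.80", 80, "10.0.0.5", 40000, "SYN+ACK"),
        ("10.0.0.5", 40000, "203.0.113.80", 80, "ACK"),
        ("203.0.113.80", 80, "10.0.0.5", 40000, "ACK"),
        ("198.51.100.9", 80, "10.0.0.5", 40000, "ACK"),    # other host, no state
        ("198.51.100.9", 5555, "10.0.0.5", 22, "SYN"),     # unsolicited inbound SYN
        ("10.0.0.5", 40000, "203.0.113.80", 80, "RST"),    # client closes
        ("203.0.113.80", 80, "10.0.0.5", 40000, "ACK"),    # late packet after close
    ]
    return [fw.process(*pkt) for pkt in trace]

if __name__ == "__main__":
    print(demo())
```

The fifth packet is the case a stateless filter handles badly: a rule that simply allows inbound traffic from source port 80 would pass it, while the state table shows it belongs to no connection an inside host opened.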
Types of Firewall in network security
Firewalls are divided into two types: host based and network based. A host-based firewall is used on each individual host. It examines each incoming and outgoing packet on the machine. It is generally a software application that comes with the operating system of a single node. Host-based firewalls are important for protection against inside attacks. An inside attack means the bad traffic does not come from outside the network. When a machine in the network transmits false data, the host-based firewall protects the machine from these attacks. Host firewalls also keep the host safe from unauthorised access.
Network-based firewalls work on the traffic coming into and going out of the network. We can say network-based firewalls filter the incoming and outgoing traffic that crosses them. Both types of firewall have their own pros and cons.
In this article I described the role of the firewall in network security for the CCNA exam. For any query or suggestion about this article, you may contact us or drop a comment below. Your suggestions are always welcome.