A firewall is a network security device that monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of security rules. Its purpose is to establish a barrier between your internal network and incoming traffic from external sources (such as the internet) in order to block malicious traffic like viruses and hackers.
How does a firewall works in computer security?
Firewalls analyze incoming traffic based on pre-defined rules and filter traffic coming from unsecured or suspicious sources to prevent attacks. Firewalls guard traffic at a computer’s entry point called ports, which is where information is exchanged with external devices.
Types of Firewall in Computer Networking
- Next-generation firewalls (NGFW): It combines traditional firewall technology with additional functionality, such as encrypted traffic inspection, intrusion prevention systems, anti-virus, and more. Most notably, it includes deep packet inspection (DPI). While basic firewalls only look at packet headers, deep packet inspection examines the data within the packet itself, enabling users to more effectively identify, categorize, or stop packets with malicious data.
- Proxy firewalls: It network address translation (NAT) firewall stateful multilayer inspection (SMLI) firewalls filter packets at the network, transport, and application layers, comparing them against known trusted packets.
- Network firewalls: It involves the application of one or more firewalls between external networks and internal private networks. These regulate inbound and outbound network traffic, separating external public networks—like the global internet—from internal networks like home Wi-Fi networks, enterprise intranets, or national intranets. Network firewalls may come in the form of any of the following appliance types: dedicated hardware, software, and virtual.
- Host firewalls: It involves the use of firewalls on individual user devices and other private network endpoints as a barrier between devices within the network. These devices, or hosts, receive customized regulation of traffic to and from specific computer applications. Host firewalls may run on local devices as an operating system service or an endpoint security application. Host firewalls can also dive deeper into web traffic, filtering based on HTTP and other networking protocols, allowing the management of what content arrives at your machine, rather than just where it comes from.
- Hybrid Firewall: As implied by the name, hybrid firewalls use two or more firewall types in a single private network.
Pros And Cons
Firewalls can be classified in a few different ways. Three important concepts to understand when selecting a firewall solution are the difference between stateful and stateless firewalls, the various form factors in which firewalls are available, and how a next-generation firewall (NGFW) differs from traditional ones.
Difference between a Firewall and Anti-virus| Attributes | Firewall | Anti-virus |
|---|---|---|
| Definition | A firewall is defined as the system which analyzes and filters incoming or outgoing data packets based on pre-defined rules. | Anti-virus is defined as the special type of software that acts as a cyber-security mechanism. The primary function of Anti-virus is to monitor, detect, and remove any apprehensive or distrustful file or software from the device. |
| Structure | Firewalls can be hardware and software both. The router is an example of a physical firewall, and a simple firewall program on the system is an example of a software firewall. | Anti-virus can only be used as software. Anti-virus is a program that is installed on the device, just like the other programs. |
| Implementation | Because firewalls come in the form of hardware and software, a firewall can be implemented either way. | Because Anti-virus comes in the form of software, therefore, Anti-virus can be implemented only at the software level. There is no possibility of implementing Anti-virus at the hardware level. |
| Responsibility | A firewall is usually defined as a network controlling system. It means that firewalls are primarily responsible for monitoring and filtering network traffic. | Anti-viruses are primarily responsible for detecting and removing viruses from computer systems or other devices. These viruses can be in the form of infected files or software. |
| Scalability | Because the firewall supports both types of implementations, hardware, and software, therefore, it is more scalable than anti-virus. | Anti-viruses are generally considered less-scalable than firewalls. This is because anti-virus can only be implemented at the software level. They don't support hardware-level implementation. |
| Threats | A firewall is mainly used to prevent network related attacks. It mainly includes external network threats?for example- Routing attacks and IP Spoofing. | Anti-virus is mainly used to scan, find, and remove viruses, malware, and Trojans, which can harm system files and software and share personal information (such as login credentials, credit card details, etc.) with hackers. |
Comments
Post a Comment