WHAT IS A FIREWALL?
It is a tool responsible for analyzing connections and controlling traffic between a local area network (LAN) and external internet connections, commonly known as wide area networks (WAN). It manages the information entering and leaving the network to ensure a secure network, thus preventing unauthorized access.
Firewall history
It emerged in 1980, shortly after the advent of the internet, with the aim of protecting user data. The number of individuals using computers with internet connections was steadily increasing; at that time, routers themselves kept networks separate from one another. In the late 1980s, the internet community experienced security breaches by some users. Clifford Stoll discovered how to manipulate the German espionage system. Another attack was the Morris worm, the first large-scale internet security attack, affecting six thousand servers and constituting the first violation of the Computer Fraud and Abuse Act, impacting approximately 101,000 connected computers.
It's a filter that regulates the flow of information between networks. There are thousands of ports, each with its specific function. Ports that allow a connection are said to be open, and ports that don't are said to be closed. Firewall parameters are automatically preset by the computer itself, but they can be modified and defined by the user.
How firewalls work
The firewall is typically located at the junction between two networks. Between a public and a private network, if the traffic complies with the rules configured in the firewall, information can enter or leave the network. If it does not comply with the firewall's rules, the information will be blocked and unable to reach its destination.
Content filtering allows administrators to easily block certain types of web content without having to manually block each individual URL. Inappropriate websites and social media sites can be blocked quickly and easily.
Examine the header of a packet to see the source and destination. From there, depending on how the rules are defined, the firewall will act in one way or another, either deleting or forwarding the file.
Firewalls can be:
- Hardware firewall: These devices are placed between the router and the internet connection independently; nowadays, broadband routers already have them built in. They help provide strong protection against potential attacks such as viruses, worms, and Trojans. These devices require some technical knowledge for their installation, configuration, and daily monitoring.
- Software firewall: There are two types, the free one and the paid one.
It's the more common of the two software options due to its easy installation and lower price. It can come pre-installed or be installed manually. It protects your computer from unauthorized access attempts and even viruses.
Types of firewalls
- Firewall proxy: Network security system, which in addition to selecting which traffic is allowed and which is not, uses technology to deeply analyze packets to look for signs of attack.
- Stateful inspection firewallIt allows blocking traffic based on criteria such as state, port, and protocol. It tracks activity from the opening of a connection until it is closed. Filtering is based on restrictions defined by the administrator.
- Firewall for unified threat management (UTM)This firewall focuses on simplicity and ease of use. Intrusion prevention and antivirus protection, it also includes additional services such as cloud management.
- Next-generation firewall: An advanced firewall that performs more functions than simple filtering, allowing: application detection and control to block applications that may pose risks
NGFW focused on threatsIt offers more advanced threat detection. This type of firewall allows for: a complete overview, enabling you to see the highest-risk sectors; automated security with faster response times; and unified policies that provide protection during an attack.
