What is a firewall


What is a firewall and how does it work

A firewall is now a very important part of ensuring network security.

Firewalls offer many different features and functions. In the past, a firewall was mostly used to block some ports and manage NAT.

Today there are several security threats, and a firewall is used to detect and stop them.

 

Firewall features

Today's modern firewall provides many of the most important security features.

At present, a typical firewall in a company has the following minimum features:

 

Packet filtering

Port management

Network Address Translation (NAT)

Application gateway

Web Application Firewall (WAF)

Intrusion Prevention System (IPS)

Deep Packet Inspection (DPI)

SSL/TLS termination

Sandboxing system

 

Packet filtering

A typical firewall can filter packets depending on their different attributes. This can be very useful for performance and security reasons.

A packet can be filtered according to the following criteria:

TCP source port

TCP destination port

Source IP address

Destination IP address

UDP source port

UDP destination port

TCP flags

IP packet size


Port management

A firewall is usually used to allow or block different ports and network values in its initial configuration.

A firewall can act as a controller and mediator between the network and the Internet.

Firewalls can also be used between different network segments for different levels of security.

We can enable access to specific ports, such as the HTTP and HTTPS ports 80 and 443 used by our web application or service.

We can also block all access from the Internet to our local network.
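
The packet filtering criteria and the port rules described above, as an added example that is not part of the original article: a first-match packet filter in Python with a default-drop policy. The addresses, the rule set and the 1500-byte size limit are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

FIN, SYN = 0x01, 0x02   # TCP header flag bits

@dataclass
class Packet:
    proto: str        # "tcp" or "udp"
    src: str          # source IP address
    dst: str          # destination IP address
    sport: int        # source port
    dport: int        # destination port
    flags: int = 0    # TCP flag bits (0 for UDP)
    size: int = 60    # IP packet size in bytes

@dataclass
class Rule:
    action: str               # "allow" or "drop"
    proto: str = ""           # "" matches any protocol
    src: str = "0.0.0.0/0"    # source network
    dst: str = "0.0.0.0/0"    # destination network
    sports: tuple = ()        # () matches any source port
    dports: tuple = ()        # () matches any destination port
    flags_all: int = 0        # all of these TCP flag bits must be set
    min_size: int = 0         # matches packets of at least this size

def matches(rule, pkt):
    """True when every criterion of the rule matches the packet."""
    return ((not rule.proto or rule.proto == pkt.proto)
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and (not rule.sports or pkt.sport in rule.sports)
            and (not rule.dports or pkt.dport in rule.dports)
            and (pkt.flags & rule.flags_all) == rule.flags_all
            and pkt.size >= rule.min_size)

def decide(rules, pkt, default="drop"):
    """First matching rule wins; unmatched packets get the default action."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return default

# Constructed policy using documentation addresses (not from the article).
RULES = [
    Rule("drop", proto="tcp", flags_all=SYN | FIN),   # invalid flag combination
    Rule("drop", min_size=1501),                      # size limit chosen for this example
    Rule("allow", proto="tcp", dst="192.0.2.10/32", dports=(80, 443)),
    Rule("allow", proto="udp", src="10.0.0.0/8", dports=(53,)),
]
```

Rule order matters: the two drop rules sit above the allow rules, so a malformed or oversize packet is rejected even when it targets an open port.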


Network Address Translation (NAT)

Network address translation, or port address translation, is a very useful and powerful feature used to manage IP addresses and ports based on our configuration.

For example, we can expose a web service to the Internet on port 8080 while the service actually runs on port 80 on our internal server.


Application gateway

Currently, some of the most dangerous attacks are web-based and use different techniques such as social engineering, drive-by downloads, phishing, web browser exploitation, XSS and more.
Generally speaking, an application gateway is used to prevent web-based attacks inside the system.
Enterprise firewalls generally offer application gateway features as additional options.


Web Application Firewall (WAF)

As you know, the dangers of web attacks are huge, so we need to protect our web servers, web applications and web services.

This type of firewall sits between the WAN or Internet and our web server.

Every request sent to the web application is filtered according to its characteristics and then accepted or blocked.

In particular, attacks on web applications such as SQL injection, directory traversal and brute force are blocked by web application firewalls before they can get in.


Intrusion Prevention System (IPS)

Firewalls usually detect and prevent known attacks and basic types of attacks.

Today there is a variety of complex and advanced attacks that are not detected by a firewall.

An Intrusion Prevention System (IPS) uses advanced features, techniques and signatures, which give it the ability to identify advanced attacks.


Deep Packet Inspection (DPI)

Network packets of protocols such as TCP, UDP, IP, OSPF and Ethernet are transmitted across the network.

If we want to have full control over the network, we need to inspect these packets and filter them accordingly.

Deep Packet Inspection (DPI) is a technology that provides detailed information about, and control over, network protocols and packets.


SSL/TLS termination

SSL/TLS is a very popular protocol used to authenticate websites and encrypt traffic securely.

This can cause some problems for centralized inspection of network traffic.

Terminating these protocols is used to inspect SSL/TLS encrypted traffic in a proper manner without breaking the security of clients.

The SSL/TLS traffic is terminated at the firewall, which creates a new SSL/TLS session with the other side, which means that web traffic is still transmitted in encrypted form.


Next Generation Firewalls

Based on the above features, the next-generation firewall can provide the following features in terms of capabilities and permissions: 

 

SSL/TLS termination

Deep Packet Inspection

Intrusion prevention system

Web application firewall

Application gateway

Load balancing 

Sabir Hussain
