Know and understand firewall including its purpose

Resources | Subject Notes | Information Communication Technology ICT

IGCSE ICT 0417 - 8 Safety and Security - Firewalls

IGCSE ICT 0417 - 8 Safety and Security

8.1 Firewalls

A firewall is a crucial component of network security. It acts as a barrier between a private network (like your home or school network) and the public internet. Its primary purpose is to control the network traffic that flows in and out, helping to prevent unauthorized access and malicious attacks.

Purpose of a Firewall

The main purposes of a firewall are:

  • Prevent unauthorized access: Firewalls block attempts by hackers or malicious software to gain access to your network and devices.
  • Control network traffic: They examine incoming and outgoing data packets and allow or block them based on a set of predefined rules.
  • Protect against malware: Firewalls can help prevent malware (like viruses and worms) from entering your network.
  • Monitor network activity: Many firewalls log network activity, which can be useful for identifying security threats.

How Firewalls Work

Firewalls operate by examining network traffic against a set of rules. These rules specify criteria such as:

  • Source IP address: The IP address of the device sending the data.
  • Destination IP address: The IP address of the device receiving the data.
  • Port number: A numerical identifier for a specific application or service (e.g., port 80 is typically used for web traffic).
  • Protocol: The communication method used (e.g., TCP, UDP).

Based on these rules, the firewall will either allow or block the network traffic.

Types of Firewalls

There are different types of firewalls, each with varying levels of complexity and functionality:

Type of Firewall Description Advantages Disadvantages
Packet Filtering Firewall Examines individual data packets and blocks those that don't meet the defined rules. Simple and fast. Limited security; only examines packet headers.
Stateful Inspection Firewall Keeps track of the state of network connections and makes decisions based on this information. More secure than packet filtering; better at detecting malicious traffic. More resource-intensive than packet filtering.
Proxy Firewall Acts as an intermediary between your network and the internet. All traffic passes through the proxy, which inspects it for threats. High level of security; can hide internal network addresses. Can slow down network speed.
Next-Generation Firewall (NGFW) Combines traditional firewall features with advanced security capabilities like intrusion prevention systems (IPS) and application control. Comprehensive security; protects against a wide range of threats. More expensive and complex to manage.

Firewall Configuration

Firewalls need to be configured with appropriate rules to ensure effective security. This involves defining which types of traffic are allowed and which are blocked. Incorrectly configured firewalls can either leave your network vulnerable or block legitimate traffic.

Example of a firewall rule:

Allow incoming TCP traffic on port 80 (HTTP) from any source IP address.

Conclusion

Firewalls are an essential security measure for protecting networks and devices from unauthorized access and malicious attacks. Understanding how firewalls work and how to configure them properly is crucial for maintaining a secure online environment.

Suggested diagram: A firewall sits between a network and the internet, controlling the flow of data.