ITE Case Study - Firewall PDF

Preview

Summary

Download ITE Case Study - Firewall PDF

Description

ITE#414 – Firewall A firewall is a hardware or software intended to prevent and restrict unauthorized access from a private network. Messages entering and leaving the local network must go through the firewall. The firewall will then inspect each message and block the message that do not meet the security conditions. (About firewalls, 2020) What does a firewall do? A firewall functions as a virtual gatekeeper. It detects the operating system's attempts to obtain entry and prevents unauthorized traffic or unrecognized outlets. A firewall, like the internet, serves as a buffer or filter between your device and another network. A traffic controller may be perceived to be a firewall. By monitoring your network traffic, preventing unsolicited incoming network traffic, and validating access by evaluating network traffic for something malicious including hackers and malware, it helps to secure the network and details. A pre-installed firewall normally comes with the operating system and related security applications. Users must make sure those settings are turned on. In addition, users should ensure that the security settings are configured to automatically execute updates. (What is a firewall and do you need one?, 2020) How does a firewall work? A firewall framework analyzes network traffic based on guidelines. A firewall welcomes only those incoming links that it has been designed to accept. It achieves this by approving or blocking individual data packets based on pre-established security guidelines, which are contact units that users submit over digital networks. A firewall at the entry point, or port, of the user’s machine acts like a traffic guard. Only trustworthy

IP addresses are allowed in. IP addresses are relevant because they mark a device or source.

Types of firewalls Like a broadband router, a hardware firewall is physical, stored between your network and your gateway. A software firewall is internal, a device that operates through port numbers and programs on the user’s computer. Cloud-based firewalls, called Firewall as a Service (FaaS), also exist. One advantage of cloud-based firewalls is that they will evolve with the organization and do better with perimeter defense, compared to hardware firewalls. Based on their structure and features, there are many common types of firewalls. Based on the size of the network and the protection level users require, listed below are a few types of firewalls.  Packet-filtering firewalls A packet-filtering firewall is a control application that can block an IP protocol, an IP address, and a port number for network traffic. The simplest method of security is this kind of firewall and it is designed for smaller networks. Although firewalls for packetfiltering may be useful, they often have limitations. It doesn't block web-based attacks because all web traffic is enabled. So in order to differentiate between friendly and malicious web traffic, you need extra protection.  Stateful multi-layer inspection (SMLI) firewalls The stateful multi-layer inspection firewall has standard functionality for firewalls and keeps track of connections that have been created. It filters traffic, along with

administrator-defined rules and meaning, based on state, port, and protocol. This includes using previous connection knowledge and packets from the same connection. In order to maintain track of all internal traffic, most firewalls focus on stateful packet inspection. In the use of multilayer monitoring, this firewall is a step above packetfiltering. It is also incapable of discriminating between good and bad web traffic, though, so users can need extra tools.  Next-generation firewalls (NGFW) NGFW are more advanced than firewalls for packet-filtering and stateful inspection. They have more layers of authentication to review a packet in its entirety, moving beyond normal packet-filtering. That means not only the header of the packet, but also the substance and source of the packet. NGFW, like advanced ransomware, can block more complex and emerging security threats.  Network address translation (NAT) firewalls A NAT firewall will analyze the traffic on the internet and block unsolicited communications. In other words, it accepts inbound web traffic only if it has been submitted by a computer on your private network. Comparison: Host-based firewalls versus network-based firewalls There are variations, along with the advantages of getting both in operation, between host-based and network-based firewalls. Traffic to and from the internet to protected local area networks (LAN) is filtered by network firewalls. They are usually used by organizations that require a wide network of machines, servers, and staff to be secure. A network-based firewall, as well as blocking some websites, IP addresses, or other

services, will control interactions between a company's computers and external sources. Host-based firewalls work in a similar manner, but are stored on a single computer or system locally. A device program or a suite of apps that allows for further customization is a host-based firewall. In each node, they are mounted, monitor incoming and outgoing traffic, determine whether to allow individual devices to traffic, and protect the host. (What is a firewall and do you need one?, 2020) What are some of the main risks of not having a firewall? There are common and emerging cyber challenges. To help secure your network, and the personal information stored on your computer, from cybercrimes, it is necessary to use available protections. The three major dangers of not using a firewall are listed below. 1. Open access Users may approve any link that is incoming to their network from someone without a firewall. Users have no means of identifying incoming attacks. That may make malicious users exposed to your computers. 2. Lost or compromised data It could leave computers vulnerable if users don't have a firewall, which could allow anyone to gain access to the user’s computer or network. User data could be deleted by cybercriminals or used by them to commit identity theft or financial fraud. 3. Network crashes

Attackers could lock down user networks without a firewall. The user’s time and resources could be invested in getting things going again and trying to restore their saved records.

To conclude, firewalls are a key component of security technologies, especially as various types of firewalls operate together to create a defensive umbrella. Firewalls can help protect the confidentiality and protection of user’s network, device, and files.

References About firewalls. (2020). Iu.Edu. https://kb.iu.edu/d/aoru#:~:text=A%20firewall%20is%20a %20system,to%20the%20internet%2C%20especially%20intranets. What is a firewall and do you need one? (2020). Norton.com. https://us.norton.com/internetsecurity-emerging-threats-what-is-firewall.html...