Today’s Topic – What is a firewall?
The term “firewall” originated in the 1800s to describe fire resistant walls used to slow the spread of fires. Today, firewalls exist in airplanes, cars, ships, and buildings. The term was adopted by the computer industry in the mid-1990s to refer to a network security device that monitors, permits, or blocks incoming and outgoing traffic based on a set of security rules. “Traffic” refers primarily to the use of the Internet.
Most of us would not leave our house or car without locking it and perhaps also setting an alarm to help prevent our valuables from being stolen. However, it’s surprising how many people will not secure their private computers from the same type of crime! Not having a firewall on your network is like leaving your front door wide open.
The purpose of a firewall is to establish a barrier between your internal network (home or work) and to block malicious traffic such as malware, viruses, and hackers. Some firewalls can also be used to block Internet access to certain websites. This is called content filtering, and many schools and businesses use this feature for obvious reasons!
Firewalls can be either software based or hardware. A software firewall is a software application installed on a computer to regulate traffic. Microsoft Windows operating systems have built-in firewall capabilities that a user can configure or disable. This type of firewall is most appropriate for home PC users. A hardware firewall is a piece of equipment installed between your network and a gateway, meaning a cable modem, for example.
A hardware firewall is an absolute necessity for businesses, but home users can also use firewall features that may be built-in to some routers. A good example of a home firewall is the Linksys Cable/DSL router. Computers in your home can connect to the router, which in turn is connected to either a cable or DSL modem. You configure the router via a Web-based interface that you reach through the browser on your computer. You can then set any filters or additional features. These devices may also have WIFI capabilities, which is great for your smartphones!
Firewalls use one or more methods to control traffic flowing in and out of a network:
- Packet filtering – Packets (small chunks of data) are analyzed against a set of filters. Packets that make it through the filters are sent to the requesting system and all others are discarded.
- Proxy service – Information from the Internet is retrieved by the firewall and then sent to the requesting system and vice versa.
- Stateful inspection – this method doesn’t examine the contents of each packet but instead compares certain key parts of the packet to a database of trusted information. Information traveling from inside the firewall to the outside is monitored for specific defining characteristics, then incoming information is compared to these characteristics. If the comparison yields a reasonable match, the information is allowed through. Otherwise it is discarded.
- Deep packet inspection and Intrusion Prevention – the newest generation of firewalls combine packet filtering and stateful inspection. They also add a layer of protection such as intrusion prevention services and gateway antivirus. These are services that can be added through a subscription and updated daily to stay on top of the ever-changing world of vulnerabilities and threats.
In my last column, I said that the number one thing you should do to protect your computers and data is save regular backups. The number two thing you should do to protect the privacy and security of your computing is to always work from behind a firewall. Recently, a friend of mine who works in IT security was sitting at the mall next to a man who was making a purchase from his phone. She looked over at him and said, “That’s a very unsafe thing you are doing. Anyone could be capturing your credit card information if you are using public WIFI.” The man had no idea that this could happen, and you probably didn’t know either – until now. You should never use public WIFI or your cellular data plan to access your online banking, credit card accounts, or anything else you’d like to keep private. So, please, take my advice and shut your front door!