

The term “FIRE WALL” originally meant, and still means, a fireproof wall intended to prevent the spread of fire from one room or area of a building to another. From a computer-security perspective the Internet is a volatile and unsafe environment, so “firewall” is an excellent metaphor for network security.

A firewall is a secure and trusted machine that sits between a private network and a public network. The firewall machine is configured with a set of rules that determine which network traffic will be allowed to pass and which will be blocked or refused. In some large organizations, you may even find a firewall located inside the corporate network to segregate sensitive areas of the organization from other employees.

Firewalls can be implemented in either hardware or software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.

The firewall uses the following techniques to control the inflow and outflow of traffic in a particular network:

  • Packet Filtering
  • Circuit Relay / Circuit Level Gateway
  • Application Level Gateway

Packet Filtering

A packet is a quantity of data of limited size, kept small for easy handling. All Internet traffic travels in the form of packets: file downloads, Web page retrievals, emails and so on all occur in packets.

Packet filtering inspects each packet passing through the network and accepts or rejects it based on user-defined rules.

In packet filtering, only the protocol and the address information of each packet are examined. Its contents and context (its relation to other packets and to the intended application) are ignored. The firewall pays no attention to applications on the host or local network and it knows nothing about the sources of incoming data.

So basically, Packet Filtering consists of examining incoming or outgoing packets and allowing or disallowing their transmission or acceptance on the basis of a set of configurable rules.
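As an added illustration (not code from the original article), the Python sketch below models a stateless packet filter: rules match only on protocol, addresses and destination port, the first matching rule wins, and anything unmatched is dropped. The `Packet` and `Rule` classes, the rule set and the documentation-range addresses are all constructed for this example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    proto: str             # "tcp" or "udp"
    src: str
    dst: str
    dport: int
    payload: bytes = b""   # carried along, but never read by the filter

@dataclass(frozen=True)
class Rule:
    action: str                  # "accept" or "drop"
    proto: str                   # protocol name, or "any"
    src: str                     # source network in CIDR form
    dst: str                     # destination network in CIDR form
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, p: Packet) -> bool:
        # Header fields only: protocol, addresses, port. No payload, no history.
        return (self.proto in ("any", p.proto)
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.dport in (None, p.dport))

def filter_packet(rules, packet, default="drop"):
    """First matching rule wins; unmatched packets get the default verdict."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return default

# Constructed rule set; order matters because evaluation stops at the first match.
RULES = [
    Rule("drop", "any", "203.0.113.0/24", "0.0.0.0/0"),       # blocked source range
    Rule("accept", "tcp", "0.0.0.0/0", "192.0.2.10/32", 80),  # web server
    Rule("accept", "udp", "0.0.0.0/0", "192.0.2.10/32", 53),  # DNS server
]

if __name__ == "__main__":
    samples = [
        Packet("tcp", "198.51.100.7", "192.0.2.10", 80, b"GET / HTTP/1.1"),
        Packet("tcp", "198.51.100.7", "192.0.2.10", 80, b"not HTTP at all"),
        Packet("tcp", "203.0.113.5", "192.0.2.10", 80),
        Packet("tcp", "198.51.100.7", "192.0.2.10", 23),
    ]
    for pkt in samples:
        print(pkt.proto, pkt.src, "->", pkt.dst, pkt.dport, filter_packet(RULES, pkt))
```

The first two sample packets differ only in payload and receive the same verdict, which is the limitation described above: the filter cannot tell what is actually being sent to an allowed port.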

Circuit Relay / Circuit Level Gateway

This is a firewall approach that validates connections before allowing data to be exchanged. In technical terms it applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.

The firewall doesn’t simply allow or disallow packets; it also determines whether the connection between both ends is valid according to configurable rules, then opens a session and permits traffic only from the allowed source and possibly only for a limited period of time.
Every session of data exchange is validated and monitored and all traffic is disallowed unless a session is open.

Application Level Gateway

Application Level Gateway (ALG) applies security mechanisms to specific applications, such as FTP and Telnet servers. Application-level gateways are generally regarded as the most secure type of firewall. They certainly have the most sophisticated capabilities.

An application gateway is normally implemented on a separate computer on the network whose primary function is to provide proxy service.

The disadvantage is that the setup may be very complex, requiring detailed attention to the individual applications that use the gateway, and it can therefore degrade performance.

All firewalls, regardless of type, have one very important thing in common: they receive, inspect and make decisions about all incoming data before it reaches other parts of the system or network. That means they handle packets and they are strategically placed at the entry point to the system or network the firewall is intended to protect.

The logic is simple:
A firewall must be positioned to control all incoming and outgoing traffic. If some other program has that control, there is no firewall!
