firewall - technical definition

Security software (or a hardware appliance running it) that blocks unauthorized entities from gaining access to internal resources such as systems, servers, databases, and networks. A firewall may also prevent internal users from reaching unauthorized external resources. It is installed in a communications router, server, or other device that is physically and/or logically the first point of access into a networked system, so that all traffic crossing that boundary passes through it. A packet-filtering firewall examines each packet on its own, forwarding or dropping it according to predefined rules that match header fields such as the source and destination address, protocol, and port; some products can also tie rules to the authenticated identity of the user. A proxy firewall acts as an intermediary for user access requests: it terminates the client's connection and sets up a second connection to the resource, then decides whether the message or file is safe before relaying it. A stateful inspection firewall records the addresses and port numbers of each connection it sees established, admits only packets that belong to such a connection, and discards that state once the connection is terminated. See also authentication, authorization, proxy firewall, and security.

See firewall in Webster's New World Hacker Dictionary

A computer program or hardware device used to provide additional security on networks by blocking access from the public network to certain services in the private network. Firewalls contain rule sets that either grant or deny data traffic flowing into or out of a network. Simply put, firewalls are to the perimeter of a network what a moat and wall are to a castle.

Because system administrators need to grant access from the outside world to some services within the perimeter, such as email or a Web server, they need to drill holes for these services in their firewalls. Unfortunately, these holes can be exploited by perpetrators. Control of outgoing traffic is a separate and often neglected area: there is a real risk that users introduce malicious code into the network by opening an email attachment or by surfing to a Web site with malicious content that installs a back door program on an internal system. Such back doors initiate connections to the attacker that, from the firewall's perspective, originate "inside" and are therefore allowed by a policy that permits all outbound traffic. The reality is that back doors can allow attackers to take control of an internal system and do considerable damage.

See Also: Back or Trap Door; Electronic Mail or Email; Network; Security.
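The egress problem described above, as an added example that is not part of the dictionary entry: a small first-match rule evaluator is run over the same three outbound packets under two policies, the common "allow everything from the inside" rule set and an outbound allow-list with a default deny. The address ranges (10.0.0.0/8 as the LAN, 10.0.0.53 as the internal resolver), the traffic, and the back door's port 4444 are constructed for the illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Packet:
    """Constructed packet: only the header fields a packet filter decides on."""
    src: str
    dst: str
    proto: str   # "tcp" or "udp"
    dport: int   # destination port


@dataclass(frozen=True)
class Rule:
    action: str    # "allow" or "deny"
    src: str       # CIDR the source address must fall in
    dst: str       # CIDR the destination address must fall in
    proto: str     # "tcp", "udp" or "any"
    dports: range  # destination ports this rule covers

    def matches(self, pkt: Packet) -> bool:
        return (ip_address(pkt.src) in ip_network(self.src)
                and ip_address(pkt.dst) in ip_network(self.dst)
                and self.proto in ("any", pkt.proto)
                and pkt.dport in self.dports)


def decide(rules: list, pkt: Packet, default: str = "deny") -> str:
    """First-match evaluation, as most packet filters do; the default
    policy applies when no rule matches."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


LAN = "10.0.0.0/8"          # assumed internal address range
ANY = "0.0.0.0/0"
RESOLVER = "10.0.0.53/32"   # assumed internal DNS resolver

# The neglected configuration: anything from the inside may leave.
OUTBOUND_PERMISSIVE = [Rule("allow", LAN, ANY, "any", range(1, 65536))]

# An egress allow-list: only the services the site actually needs, with
# DNS permitted only to the internal resolver. The default deny catches
# everything else, including a back door dialling out on an odd port.
OUTBOUND_RESTRICTED = [
    Rule("allow", LAN, RESOLVER, "udp", range(53, 54)),
    Rule("allow", LAN, ANY, "tcp", range(80, 81)),
    Rule("allow", LAN, ANY, "tcp", range(443, 444)),
]

# Constructed traffic leaving one workstation.
HTTPS = Packet("10.1.2.3", "203.0.113.10", "tcp", 443)
ROGUE_DNS = Packet("10.1.2.3", "198.51.100.1", "udp", 53)    # bypasses the resolver
BACKDOOR = Packet("10.1.2.3", "198.51.100.77", "tcp", 4444)  # reverse connection home


def compare(pkt: Packet) -> tuple:
    """Decision under the permissive and under the restricted outbound policy."""
    return decide(OUTBOUND_PERMISSIVE, pkt), decide(OUTBOUND_RESTRICTED, pkt)


if __name__ == "__main__":
    for name, pkt in (("https", HTTPS), ("rogue dns", ROGUE_DNS), ("backdoor", BACKDOOR)):
        permissive, restricted = compare(pkt)
        print(f"{name:10} permissive={permissive:5} restricted={restricted}")
```

The permissive policy passes all three packets; the allow-list passes only the HTTPS request and drops both the back door's call home and the DNS query that sidesteps the internal resolver. The caveat is that a port-based allow-list cannot stop a back door that speaks over port 443 to blend in; catching that needs a proxy that understands the application protocol, or inspection of what is actually inside the permitted connections.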

See firewall in Computer


A primary method for keeping a computer secure from intruders. A firewall allows or blocks traffic into and out of a private network or the user's computer. Firewalls are widely used to give users controlled access to the Internet as well as to separate a company's public Web server from its internal network. Firewalls are also used to keep internal network segments apart; for example, the accounting network might otherwise be vulnerable to snooping from within the enterprise.

In the home, a personal firewall typically comes with or is installed in the user's computer (see Windows Firewall). Personal firewalls may also detect outbound traffic to guard against spyware, which could be sending your surfing habits to a Web site. They alert you when software makes an outbound request for the first time (see spyware).

In the organization, a firewall can be a stand-alone machine (see firewall appliance) or software in a router or server. It can be as simple as a single router that filters out unwanted packets, or it may comprise a combination of routers and servers each performing some type of firewall processing.

Firewall Techniques


Following are the different methods used to provide firewall protection, and several of them are often used in combination.

Stateful Inspection
Tracks each connection so that inbound packets are admitted only when they are replies to traffic the inside initiated, rather than judging every packet in isolation. Generally can examine multiple layers of the protocol stack, including the data, if required, so blocking can be done at any layer or depth. See stateful inspection.

Network Address Translation (NAT)
Allows one IP address, which is shown to the outside world, to stand for many IP addresses internally, one on each client station, and performs the translation back and forth. Unsolicited inbound packets are dropped only because no translation entry exists for them, so NAT hides internal addresses but is not by itself an access-control policy. NAT is found in routers and is built into Windows Internet Connection Sharing (ICS). See NAT and ICS.

Packet Filter
Blocks or passes traffic based on header fields: the source and destination IP address and the type of application (e-mail, FTP, Web, etc.), which is identified by protocol and port number. Because each packet is judged on its own, a packet filter cannot tell a legitimate reply from an unsolicited inbound packet. Packet filtering is typically done in a router, which is then known as a "screening router." See bastion host.

Proxy Server
Serves as a relay between two networks, breaking the direct connection between client and server; because the proxy speaks the application protocol, it can inspect content rather than just packet headers. Also typically caches Web pages (see proxy server).
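To show the difference between the packet filter and stateful inspection entries above in running code, here is an added example (not from the original page or any product it names). A stateful filter tracks the connections the inside opens, admits inbound segments only when they match a tracked connection, and forgets the connection when it is torn down; beside it, a stateless check shows the hole a plain packet filter must leave open for replies. The 10.0.0.0/8 inside range, the hosts, ports and TCP flag sequence are constructed, and the teardown handling is deliberately simplified (real implementations age the entry out over a timeout rather than dropping it on the first FIN).

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INSIDE = ip_network("10.0.0.0/8")   # assumed internal address range


@dataclass(frozen=True)
class Packet:
    """Constructed TCP segment: only the fields a stateful filter uses."""
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset   # TCP flags, e.g. frozenset({"SYN"})


def stateless_allows_reply(pkt: Packet) -> bool:
    """What a plain packet filter has to do to let replies back in: hold the
    whole ephemeral port range open to the world, because it cannot tell a
    reply from an unsolicited connection attempt to that range."""
    return pkt.dport > 1023


class StatefulFilter:
    """Default-deny inbound filter. A packet is admitted only when it belongs
    to a connection the inside initiated; the connection is forgotten when a
    FIN or RST is seen."""

    def __init__(self):
        # Keyed by (inside ip, inside port, outside ip, outside port).
        self.connections = set()

    @staticmethod
    def _inside(ip: str) -> bool:
        return ip_address(ip) in INSIDE

    def handle(self, pkt: Packet) -> str:
        outbound = self._inside(pkt.src) and not self._inside(pkt.dst)
        inbound = self._inside(pkt.dst) and not self._inside(pkt.src)
        if outbound:
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if pkt.flags == {"SYN"}:
                self.connections.add(key)     # new connection opened from inside
                return "allow"
        elif inbound:
            key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        else:
            return "drop"                     # traffic not crossing the boundary
        if key not in self.connections:
            return "drop"                     # unsolicited, or state already gone
        if pkt.flags & {"FIN", "RST"}:
            # Teardown: pass this segment, then forget the connection.
            self.connections.discard(key)
        return "allow"


def run_demo() -> list:
    """Constructed exchange: a workstation opens HTTPS to a web server, an
    outsider probes an ephemeral port on the same workstation, the client
    closes the connection, and a late segment arrives afterwards."""
    fw = StatefulFilter()
    client, server, attacker = "10.1.2.3", "203.0.113.10", "198.51.100.77"
    reply = Packet(server, 443, client, 51000, frozenset({"ACK"}))
    probe = Packet(attacker, 40000, client, 51001, frozenset({"SYN"}))
    return [
        fw.handle(Packet(client, 51000, server, 443, frozenset({"SYN"}))),         # allow
        fw.handle(Packet(server, 443, client, 51000, frozenset({"SYN", "ACK"}))),  # allow
        fw.handle(reply),                                                          # allow
        fw.handle(probe),                                                          # drop
        fw.handle(Packet(client, 51000, server, 443, frozenset({"FIN", "ACK"}))),  # allow
        fw.handle(reply),                                                          # drop
    ]


if __name__ == "__main__":
    print(run_demo())
    probe = Packet("198.51.100.77", 40000, "10.1.2.3", 51001, frozenset({"SYN"}))
    print("stateless filter would admit the probe:", stateless_allows_reply(probe))
```

The attacker's SYN to port 51001 lands in the range a stateless filter has to leave open for replies, so the stateless check admits it, while the stateful filter drops it because no connection from the inside matches. After the client's FIN the same reply segment that was admitted earlier is dropped, which is the "shuts down those ports once the connection is terminated" behaviour described in the first definition.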

Protected and More Protected

In the first configuration, the internal network is protected by only one screening router (a router with packet filtering). If there were servers on the internal network providing services to Internet users, this would offer minimal protection against an attack: a hole opened for such a server is a hole into the LAN itself. The second configuration uses two screening routers, which offers two points of protection between the outside world and the internal LAN; the network between the two routers is where the publicly reachable servers belong, so that a compromise of one of them does not by itself expose the internal network.

Firewall Management

Elron Firewall was a product that combined stateful inspection, multilayer analysis of IP and IPX packets and network address translation to secure a network. The window on the left could scroll down to more than 70 user services. (Screen example courtesy of Elron Software, acquired in 2003 by Zix Corporation, www.zixcorp.com)

An Excellent Resource

O'Reilly's "Building Internet Firewalls, 2nd Edition" by Zwicky, Cooper and Chapman is one of the best books written on Internet and Web security. It covers a huge range of firewall and related topics and should be a "must have" for anyone interested in the subject. (O'Reilly & Associates, Inc., 2000, ISBN 1-56592-871-7)