A firewall is a computer tool (hardware and/or software) designed to protect network data (for example, protecting a personal computer connected to the Internet, or protecting a corporate network).
It ensures the security of information in a network by filtering inputs and controlling outputs according to rules defined by its administrator.
What is a Firewall?
The term "firewall" is a metaphor for security devices that prevent malicious software from entering a computer or network.
A firewall against cyber attacks
The firewall is a filtering gateway that protects a computer or a network from intrusions from the Internet. It filters the data packets that are exchanged. It is sometimes translated as firebreak, security barrier, or gatekeeper. It has at least two interfaces, one for the internal network and the other for the external network. For the firewall to integrate with a device, it is important that:
- the computer system is protected,
- the packet filtering system is unique,
- the machine is powerful.
The different types of barriers
- the stateless firewall is falling into disuse: it is complex to implement and inefficient,
- the stateful firewall tests the validity of the packets, so it is more reliable,
- the application firewall opens dynamic ports and checks if the packet matches the expected protocol,
- the identifying firewall identifies connections that pass through the IP filter,
- the personal firewall effectively fights spyware and computer viruses by determining the identity of the program originating the data,
- the captive portal is used most often for Wi-Fi,
- the virtual firewall operates within a virtual framework.
How does a firewall work?
The operation of the firewall depends on the security policy implemented by the originator.
The two security policies
There are two main security policies:
- allow only communications that are explicitly permitted, in keeping with the principle of least privilege; this is the most secure policy,
- prohibit only exchanges that are explicitly prohibited.
The first option is the most effective and also the most restrictive. The principle of least privilege means that an action can only be taken on the condition that its functional utility is real. Privilege refers to the ability to perform an action, such as the ability to create, read, or destroy a file. In the context of the firewall, this means in particular applying the three main predefined rules: accepting the connection, blocking it, or refusing the connection request without warning the sender.
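The two policies above, as an added example that is not part of the original page: a small first-match rule evaluator in Python, run over constructed packets under each policy. The rule sets, addresses, and the mapping of "blocking" to a notified reject and of silent refusal to a drop are assumptions of this sketch.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Assumed naming: REJECT blocks and notifies the sender, DROP refuses silently.
ACCEPT, REJECT, DROP = "accept", "reject", "drop"

@dataclass(frozen=True)
class Rule:
    action: str
    src: str                  # source network, CIDR notation
    dport: Optional[int]      # destination port; None matches any port
    proto: str = "tcp"

    def matches(self, pkt: dict) -> bool:
        in_net = ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
        port_ok = self.dport is None or self.dport == pkt["dport"]
        return in_net and port_ok and self.proto == pkt["proto"]

def decide(rules, default, pkt):
    """First matching rule wins; otherwise the policy's default applies."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default

# Policy 1 (least privilege): list what is allowed, refuse everything else.
ALLOWLIST = [Rule(ACCEPT, "0.0.0.0/0", 443), Rule(ACCEPT, "10.0.0.0/8", 22)]
# Policy 2: list what is forbidden, allow everything else.
BLOCKLIST = [Rule(REJECT, "0.0.0.0/0", 23), Rule(DROP, "203.0.113.0/24", None)]

# Constructed sample packets (documentation address ranges).
PACKETS = [
    {"src": "198.51.100.7", "dport": 443, "proto": "tcp"},   # public HTTPS
    {"src": "10.1.2.3", "dport": 22, "proto": "tcp"},        # internal SSH
    {"src": "198.51.100.7", "dport": 22, "proto": "tcp"},    # external SSH
    {"src": "198.51.100.7", "dport": 3389, "proto": "tcp"},  # service no rule anticipated
    {"src": "203.0.113.9", "dport": 443, "proto": "tcp"},    # listed network
    {"src": "198.51.100.7", "dport": 23, "proto": "tcp"},    # telnet
]

def compare(packets=PACKETS):
    """Return (src, dport, default-deny verdict, default-allow verdict) per packet."""
    return [(p["src"], p["dport"],
             decide(ALLOWLIST, DROP, p), decide(BLOCKLIST, ACCEPT, p))
            for p in packets]

if __name__ == "__main__":
    for row in compare():
        print("%-14s port %-5d default-deny=%-7s default-allow=%s" % row)
```

The packet to port 3389 shows the difference: under the first policy it is refused because nothing permits it, while under the second it passes because nothing forbids it.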
A personal firewall
A personal firewall is one that protects only a single computer. It blocks malicious software such as Trojans.
What does a firewall do?
The firewall naturally serves to protect one or more computers against malicious software. Its usefulness and effectiveness increase as it integrates new functionalities.
New functionalities for Firewalls
The new firewalls are equipped with multiple features that increase their usefulness tenfold:
- address translators,
- IP address protocol and filtering,
- proxy server,
- login credentials,
- detection of abnormal traffic thanks to artificial intelligence,
- Trivial File Transfer Protocol (TFTP) or simplified file transfer protocol,
- antispam device,
- control of accessible URLs,
- internet protocol server.
To be efficient
A firewall must be configured carefully to be as effective as possible. This is why it is preferable to call on a professional and the services of the Government Center for Monitoring, Alerting and Responding to Computer Attacks.