Firewall types

What is a firewall?

 A firewall is a system that prevents external intrusion into an organization's network and is placed at the boundary between trusted and untrusted networks.

 The network within the organization needs to be protected so that third parties cannot intrude from an external network such as the Internet and steal, tamper with, or destroy the content of communications or files stored on computers such as servers.

 A firewall monitors the data that flows between the internal network and the outside world, such as the Internet, to detect and block unauthorized access.

 The firewall role is played either by a router located at the boundary of the network, or by a computer into which dedicated hardware and software have been incorporated.

 By introducing a firewall, you can protect the network within your organization from attacks that come from external networks such as the Internet, and greatly improve security.

 Translated into Japanese, "firewall" means a fire wall. A fire wall is a fire-resistant structural wall installed to prevent the spread of fire, and it plays the role of a safety valve that prevents the inflow of smoke.

 The network firewall gets its name because it likewise functions like a safety valve, preventing attacks from the outside. In network configuration diagrams, the firewall is represented by a symbol such as a burning red wall, as shown in the figure below.

Firewalls are categorized by the protocol layer at which they operate, as follows:

  • Packet filter firewall
  • Circuit level gateway firewall
  • Application gateway firewall
  • Personal firewall

Firewall type

Packet filter firewall

 Packet-filtering firewalls operate at the network layer (Layer 3) and transport layer (Layer 4) of the OSI reference model.

Basically, it decides whether to pass or block a packet based on the following Layer 3 information:

  • Source IP address
  • Destination IP address

Depending on the type of filter, it also decides based on information in the Layer 4 header, such as:

  • Source port number
  • Destination port number
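The decision described above can be sketched as an ordered rule table evaluated against each packet's Layer 3 and Layer 4 fields. This is an added example, not code from the original page; the `Rule` class, the `decide` function, the first-match-wins order, the default-block policy and the documentation-range addresses are all assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                    # "pass" or "block"
    src: str = "0.0.0.0/0"         # Layer 3: source network (CIDR)
    dst: str = "0.0.0.0/0"         # Layer 3: destination network (CIDR)
    sport: Optional[range] = None  # Layer 4: source ports, None = any
    dport: Optional[range] = None  # Layer 4: destination ports, None = any

    def matches(self, pkt: dict) -> bool:
        ip, net = ipaddress.ip_address, ipaddress.ip_network
        return (ip(pkt["src"]) in net(self.src)
                and ip(pkt["dst"]) in net(self.dst)
                and (self.sport is None or pkt["sport"] in self.sport)
                and (self.dport is None or pkt["dport"] in self.dport))

def decide(rules, pkt, default="block"):
    """First matching rule wins; unmatched packets get the default action."""
    for number, rule in enumerate(rules, 1):
        if rule.matches(pkt):
            return rule.action, number
    return default, None

# Constructed rule set: 192.0.2.0/24 is the internal segment,
# 203.0.113.0/24 is a source network the administrator blocks outright.
RULES = [
    Rule("block", src="203.0.113.0/24"),                         # L3 only
    Rule("pass", dst="192.0.2.10/32", dport=range(443, 444)),    # L3 + L4
    Rule("pass", src="192.0.2.0/24", sport=range(1024, 65536)),  # outbound
]

# Constructed sample packets (header fields only).
PACKETS = [
    {"src": "198.51.100.7", "dst": "192.0.2.10", "sport": 50000, "dport": 443},
    {"src": "198.51.100.7", "dst": "192.0.2.10", "sport": 50000, "dport": 22},
    {"src": "203.0.113.9", "dst": "192.0.2.10", "sport": 50000, "dport": 443},
    {"src": "192.0.2.55", "dst": "198.51.100.7", "sport": 40000, "dport": 80},
]

def evaluate_all():
    return [decide(RULES, p) for p in PACKETS]

if __name__ == "__main__":
    for pkt, (action, number) in zip(PACKETS, evaluate_all()):
        print(pkt, "->", action, "(rule %s)" % number)
```

The third packet targets an allowed port but is still blocked, because the Layer 3 rule for its source network is listed first; rule order is part of the policy.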

Circuit level gateway firewall

 A circuit-level gateway firewall relays and controls communications at the transport layer (layer 4) level.

 When an internal host communicates with an external network, its traffic is sent to the firewall. On the firewall side, the packets are reassembled and sent to the external target host, and the result of the firewall's own communication with the outside is returned to the internal host. From the outside target host's point of view, it appears to be communicating with the firewall.

The disadvantage of this type of firewall is that it may require proprietary software on the client side.

 However, it also has the advantage of being able to connect to the outside from an internal network with private addresses without having to open a lot of ports in advance or go through NAT.

Application gateway firewall

An application gateway firewall relays and controls communication at the application protocol level.

 For example, when accessing a web server on an external network from the internal network, the application gateway relays to the target web server on behalf of the company PC.

 By doing so, PCs in the company do not need to connect directly with the outside, and can use the web server safely.

 In this way, all communication with the outside is relayed by proxy, so it is generally called a proxy server.

 However, this method requires a separate proxy for each application. To relay HTTP communication, you need a proxy that can interpret the HTTP protocol, and to relay FTP communication, you need a proxy that can interpret the FTP protocol.

 Since it is necessary to prepare a separate proxy for each application, communication cannot be performed with this method if there is no corresponding proxy.
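The per-protocol requirement can be seen in a small dispatcher: each proxy interprets its own protocol before relaying, and a protocol with no registered proxy is refused. This is an added example, not code from the original page; the function names, the policy sets and the sample messages are assumptions, and the relay step itself is reduced to a returned decision.

```python
# Constructed policy values (assumptions for illustration).
ALLOWED_HTTP_METHODS = {"GET", "HEAD", "POST"}
BLOCKED_FTP_COMMANDS = {"DELE", "RMD", "SITE"}

def http_proxy(payload: bytes):
    """Interpret an HTTP request and decide whether to relay it."""
    head = payload.split(b"\r\n\r\n", 1)[0].decode("ascii", "replace")
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/1."):
        return ("refuse", "malformed HTTP request line")
    method = parts[0]
    host = next((l.split(":", 1)[1].strip() for l in lines[1:]
                 if l.lower().startswith("host:")), None)
    if method not in ALLOWED_HTTP_METHODS:
        return ("refuse", f"HTTP method {method} not permitted")
    if host is None:
        return ("refuse", "no Host header")
    return ("relay", f"{method} to {host}")

def ftp_proxy(payload: bytes):
    """Interpret one FTP control-channel command."""
    line = payload.decode("ascii", "replace").strip()
    verb = line.split(" ", 1)[0].upper()
    if verb in BLOCKED_FTP_COMMANDS:
        return ("refuse", f"FTP command {verb} not permitted")
    return ("relay", f"FTP {verb}")

# One proxy per application protocol; anything absent here cannot be relayed.
PROXIES = {"http": http_proxy, "ftp": ftp_proxy}

def gateway(protocol: str, payload: bytes):
    """Hand the payload to the proxy that understands it, or refuse."""
    proxy = PROXIES.get(protocol)
    if proxy is None:
        return ("refuse", f"no proxy for {protocol}")
    return proxy(payload)

if __name__ == "__main__":
    # Constructed sample messages.
    print(gateway("http", b"GET / HTTP/1.1\r\nHost: www.example.com\r\n\r\n"))
    print(gateway("ftp", b"DELE report.txt\r\n"))
    print(gateway("smtp", b"HELO mail.example.com\r\n"))
```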

Personal firewall

 A personal firewall is a firewall that is installed and used directly on a PC for personal use. Most products are paired with anti-virus software and anti-spyware. Some products are provided as features of the operating system.

 Personal firewalls are mainly intended for personal use PCs, and are intended to detect and block intrusions from external networks and communications from inside the computer to external networks.

 There are various types of firewalls such as packet filter type firewalls, circuit level gateway type firewalls, and application gateway type firewalls.

 However, threats are not only external. These firewalls also fail to protect against internal threats inside the firewall.

The personal firewall is the firewall of last resort.

 A personal firewall can monitor both packets going from the inside out and packets coming in from the outside. Real-time monitoring and control of application behavior enables fine-grained filtering.

 However, a firewall cannot completely prevent all viruses and attacks. Accuracy should be improved by keeping the virus pattern file updated to the latest version.