Firewalls


A firewall is a system, implemented in either software or hardware, that regulates network traffic to a server or network. Typically it contains a set of rules that allow or restrict traffic passing through the firewall gateway on a server or network. Most clients use a firewall to restrict incoming traffic to only what the server or network is designed to handle, and to restrict access to the server or network to specific users and networks. In some cases the reverse is true as well: a firewall is used to restrict outgoing traffic to a public network. Most modern firewalls allow users to create rules that restrict incoming and outgoing network traffic, and in addition provide proxying and network address translation to anonymize network communications, increase the IP address space available within a network, and prevent outside hosts from establishing connections into the protected network.

There are several different types of firewalls from which a user can choose. The first type is the software-based firewall: Microsoft Windows ships with a built-in firewall that lets users create rules restricting access to their system and close active ports if they wish. Linux typically does not come with a software firewall, although it ships with packet-filtering tools such as iptables, and quite a number of open-source firewalls for Linux can be installed to help manage the rules and increase the security of the server. The second type, and probably the more secure approach, is a standalone firewall that simply sits between the public network and the protected network. The firewall then forwards network traffic from one network to the other, using user-defined rules to filter it. The increase in security comes from isolating the task of filtering network traffic from the network services themselves, which a software-based firewall would otherwise share a server with.
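The rule evaluation the two paragraphs above describe, as an added example rather than code from the original text: a minimal first-match packet filter with a default-deny inbound policy. The rule set and the addresses (RFC 5737 documentation ranges) are constructed for the illustration, and the host is assumed to serve only HTTPS publicly and SSH to one admin network.

```python
"""Minimal first-match packet filter illustrating how a rule-based
firewall decides what to allow (added example, not from the page)."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str                    # "allow" or "deny"
    direction: str                 # "in" or "out"
    proto: str                     # "tcp", "udp" or "any"
    src: str                       # CIDR the source address must fall in
    dst_port: Optional[int] = None # None matches any destination port


@dataclass(frozen=True)
class Packet:
    direction: str
    proto: str
    src: str
    dst_port: int


# Constructed policy: inbound allowed only for what the host serves,
# SSH only from the admin network, everything else inbound denied.
RULES = [
    Rule("allow", "in", "tcp", "0.0.0.0/0", 443),       # public HTTPS
    Rule("allow", "in", "tcp", "203.0.113.0/24", 22),   # SSH from admin LAN only
    Rule("deny", "in", "any", "0.0.0.0/0"),             # all other inbound traffic
    Rule("allow", "out", "any", "0.0.0.0/0"),           # egress left open here
]


def matches(rule: Rule, pkt: Packet) -> bool:
    """A rule matches when direction, protocol, source network and port all agree."""
    return (rule.direction == pkt.direction
            and rule.proto in ("any", pkt.proto)
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and (rule.dst_port is None or rule.dst_port == pkt.dst_port))


def decide(pkt: Packet, rules=RULES, default: str = "deny") -> str:
    """First matching rule wins; the default policy applies if none match."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return default


def filter_log(packets: List[Packet], rules=RULES) -> List[Tuple[str, Packet]]:
    """Pair each packet with its decision so denied traffic can be reviewed later."""
    return [(decide(p, rules), p) for p in packets]
```

Because the deny rule sits after the two allow rules, reordering it to the top would block everything; rule order is part of the policy.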

The use of firewalls should be encouraged on servers, and thought must be given to exactly what network connectivity a server requires: in the event of a security issue, an administrator needs to be able to identify what network traffic was necessary and what is attributable to a security breach.