A firewall is a protective barrier intended to protect computers, gateway servers and associated network devices from external attacks. Like a physical fire wall, it functions as a logical checkpoint that protects a private network from the public network. Without a firewall, private computers and networks would be defenceless against the many attacks from outside. The firewall is not a virus protection program, and its function is not to detect attacks. Rather, it is designed to consistently enforce network communication rules. All incoming data packets are examined against the firewall rules, and the unsuspicious ones are allowed to pass. For questionable data packets, you receive a message and you decide. With this range of functions, the firewall can undoubtedly be called an important module of an EDP security concept.
Firewall: Monitoring according to defined rules
Basically, every firewall is based on software that controls data flows between a computer and the Internet. This monitoring is based on a set of rules that is fixed in the software, and the firewall follows these rules as its guidelines. The firewall uses the stored rules to decide whether a network packet arriving in the course of data traffic is waved through or rejected. With this simple check, an attempt is made to fend off unwanted network intruders. These control mechanisms check the data stream arriving from the Internet as well as the data stream directed to the Internet. The firewall bases this check on the characteristic features of each data packet: its sender address, its destination address and information about the service used, i.e. the type of data packet.
During the data scan, the firewall can check every access request. This check includes determining the identity of the requesting service, which ensures that the requesting party has a registered domain name and thus a stored Internet address. A further firewall test procedure is a complete check of the incoming data packet, cross-checked against codes that are listed in a stored "black list".
To sum up its functionality, the firewall is a data packet filter. It protects you and your computer by showing what is sent and received on your Internet connection. If the firewall identifies problematic data packets, a message is displayed, and you decide whether the data may or may not pass your firewall.
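The rule check described in the preceding paragraphs, as an added example that is not part of the original article: a small first-match packet filter in Python. The rule set, the addresses and the "ask" action name are constructed for illustration, and rejecting packets that no rule covers is an assumption.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    direction: str  # "in" = arriving from the Internet, "out" = sent to it
    src: str        # sender address
    dst: str        # destination address
    proto: str      # "tcp" or "udp"
    dport: int      # destination port, i.e. the service being used

@dataclass(frozen=True)
class Rule:
    action: str     # "allow", "reject" or "ask" (show a message, user decides)
    direction: str
    src: str        # network the sender address must fall in (CIDR)
    dst: str        # network the destination address must fall in (CIDR)
    proto: str = "any"
    dport: Optional[int] = None  # None matches every port

    def matches(self, p: Packet) -> bool:
        return (self.direction == p.direction
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and self.dport in (None, p.dport))

def decide(rules, packet, default="reject"):
    """Return the action of the first matching rule, else the default."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return default

# Constructed sample rule set: LAN is 192.168.1.0/24, 203.0.113.0/24 is blocklisted.
ANY, LAN, BAD = "0.0.0.0/0", "192.168.1.0/24", "203.0.113.0/24"
RULES = [
    Rule("reject", "in", BAD, LAN),              # blocklist is checked first
    Rule("reject", "out", LAN, BAD),
    Rule("allow", "out", LAN, ANY, "tcp", 443),  # HTTPS
    Rule("allow", "out", LAN, ANY, "udp", 53),   # DNS
    Rule("ask", "out", LAN, ANY),                # any other outbound service
]

if __name__ == "__main__":
    for pkt in (Packet("out", "192.168.1.10", "198.51.100.5", "tcp", 443),
                Packet("out", "192.168.1.10", "198.51.100.5", "tcp", 6667),
                Packet("in", "198.51.100.5", "192.168.1.10", "tcp", 445)):
        print(pkt, "->", decide(RULES, pkt))
```

Rule order matters here: the blocklist entries sit above the general allow rules, so a connection to a blocklisted address is rejected even on an otherwise permitted port. The filter is stateless and judges every packet on its own.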
If attacks need to be detected in addition to the packet filter function of the firewall, additional IDS modules are used (IDS = Intrusion Detection System). The IDS can supplement the firewall, but it can also reside directly on the computer to be monitored and increase network security from there.
Two firewall models: desktop and network
There are two firewall models in the information technology (IT) market. The more complex firewall solution can be found in networks, for example a company network. There, a separate computer, connected between the PCs and the router that serves the Internet connection, takes over the firewall tasks for all PC workstations in the network. As a rule, a proxy server (proxy = deputy) is already integrated into such a firewall. It communicates with the target system on behalf of the workstations and thus ensures the anonymity desired in this case. This firewall hardware solution can be implemented in a network at a reasonable cost.
For your home office, the software firewall for the desktop computer (the PC), available as an alternative to the hardware firewall, is the measure of all things. In "Windows" operating systems the firewall is part of the standard scope of delivery. To ensure protection, the firewall must be activated in the "Security Settings". The security criteria and their thresholds can be defined to suit the user and are displayed in a graphical user interface.
Firewall - a "must-have" security module
Conclusion: Firewall solutions are an elementary module of an IT security concept. The functionality includes reports and logs as well as triggered alarms based on logical test criteria, which occur automatically when freely definable threshold values are reached. The interface between you as operator and the firewall is a graphical user interface.