A firewall can be a software (computer program or application) or hardware (dedicated computer that runs a firewall program) device that filters the network traffic between your computer network or PC and the Internet. It is necessary for computing devices like computers which are enabled with an Internet connection.
Such a network security system enhances the security level of your computer network by providing detailed information about the traffic patterns of the network. It is an important and indispensable device that acts as a security gate between trusted networks (internal network) and an untrusted network (Internet). While all network communication passes through this system, only authorized traffic is allowed by it. It has the capability to withstand Internet attacks.
Why a Firewall is Deployed
Computers have thousands of ports that can be accessed for various purposes. The security system of your computer closes these ports except for some specific ports that need to be kept open. It acts as the first line of defense in preventing any type of hacking into your network, because, any hacker who tries to penetrate into a computer network will look for open ports that can be accessible. It not only keeps away certain data packets from the Internet, but also performs the following functions.
☛ It is used to keep confidential and valuable information from slipping out unnoticed by the organization. For example, FTP (File Transfer Protocol) traffic of an organization's computer network is controlled by this security system. This is done to prevent users in the network from sending confidential files intentionally or unintentionally to other parties.
☛ Firewall filters are also used to prevent specific traffic from flowing into the subnets of a network. This prevents users from sharing music, and playing games on the network. This type of application is useful especially in corporate sectors.
☛ Another important purpose is to modify the data packets that come across the security system. This process is called Network Address Translation (NAT). There is a certain type of NAT called the basic NAT, in which the private IP (Internet Protocol) addresses of a computer network are concealed behind a single IP address. This process is termed as IP masquerading. This helps users in a network which consists of systems without public addressable IP numbers, to access the Internet.
☛ Accuracy of data such as financial information, product specifications, prices of the products etc., are very important for any business to grow. If such information is modified by an external source, it may directly lead to collapse of the particular business. Security systems prevent unauthorized modification of data on a website.
☛ If systems are not available to users on a timely basis, it will lead to decrease in employee productivity, loss of consumer confidence, and bad publicity. Security systems ensure system availability.
Earlier, these systems worked by filtering the network traffic using the IP address, port number, and protocol, but today's security systems can filter data by identifying the message of the content itself. These can prevent sensitive or inappropriate information from passing through the interface. A firewall is a great asset to an organization and so it must be configured properly.