Nowadays, most companies and organizations have many computer workstations that are usually linked together by a local network. This network makes it possible to exchange data between the various employees inside the company and thus to work as a team on joint projects.
The concern comes with the need to open the local network to the outside world, ie internet. Opening the company to the outside world also means leaving an open door to various foreign contents if unchecked, can harm the company like data hacking and viruses.
To counter these attacks, a secure network architecture is required. The architecture to be set up must include an essential component, which is the Firewall. The purpose of this tool is to secure the companys network as much as possible, to detect intrusion attempts and to do as much as possible to prevent it. In addition, it can also restrict some access to the outside.
The firewall thus offers a real control over the network traffic of the company. It allows to analyze, to secure and to manage the network traffic, and thus to use the network in the way for which it was planned. All this without cluttering it with unnecessary activities, and preventing an unauthorized person from accessing this data network.
. History of the Firewall
Firewall got its name from the concept of containing fire. Firewalls were created in the late 1980s. Cheswick and Bellovin were the first to develop the simple form of firewall. In the early 1990s the first form of commercial firewall was created Digital Equipment Corporation for commercial use. Today, the functions of a firewall have expanded, as it is also a matter of preventing the compromise of machines on the network as preventing the output of certain information from the local network, or even the use of certain software.
III. Hardware Firewalls vs Software Firewalls
A. Hardware Firewalls
Hardware firewalls are specialized network boxes that contain customized hardware and software. Hardware firewalls protects PCs by hiding them from the outside world. They can also be used to hid one company department from another. Hardware firewalls are great because they offer a company protection of multiple systems.
Although many Fortune 500 companies use hardware firewalls, there is a downside in using them. They are specialized devices, because of this reason hardware firewalls are expensive, complicated, difficult to upgrade, and tricky to configure. Only trained professionals can handle them. Home use hardware firewalls also have limits as when using computers outside of home exposes the system to threat.
B. Software Firewalls
Software firewalls are more suitable for individual users or small businesses. There is no need to use an expensive piece of hardware, instead a software firewall can be installed on PC, notebook, or workgroup server.
It is beneficial for individuals to use software firewalls on their own systems even if hardware firewalls are installed. This is due because software firewalls are especially convenient for people who use their PC outside of the hardware firewall. In addition, software firewalls can be upgraded easily.
IV. The different categories of firewall
Since their creation, firewalls have evolved greatly. They are indeed the first technological solution used for securing networks. As a result, there are now different categories of firewall. Each of them have advantages and disadvantages of their own. The choice of one type of firewall over another will depend on its purpose, and also on the various demands imposed by the network to be protected.
A. Stateless Firewall
These are the oldest but mostly the most basic firewalls that exist. They control each packet independently of the others based on the rules predefined by the administrator. These firewalls intervene on the network and transport layers. The filtering rules then apply to a source or destination IP address, but also to a source or destination port.
There are of course limits associated with this type of firewall. When creating filtering rules, it is necessary to start specifying that the firewall should not let any packets pass. Then we have to add the rules to choose the flows we want to pass. It is also not possible to avoid ip-spoofing attacks, for example. The rules for filtering these firewalls are based on IP addresses, so it is enough for hackers to find the rules of the firewall and find ways to hack it. A solution to protect against IP-spoofing attacks is to implement a rule prohibiting packets from the external network whose source IP address corresponds to a valid address of the local network.
B. Stateful Firewall
Stateful firewalls are an evolution of stateless firewalls. The difference between these two types of firewall is the way the packets are controlled. Stateful firewalls take into account the validity of packets that come through against previously received packets. They then keep in memory the different attributes of each connection, from their beginning to their end. Thus, they will be able to process the packets not only according to the rules defined by the administrator, but also with previously received packets.
The attributes stored in memory are the IP addresses, port numbers and sequence numbers of the packets that have passed through the firewall. The stateful firewalls are then able to detect a TCP protocol anomaly. However, this type of firewall does not protect against the exploitation of the application faults, which represent the most important part of the risks in terms of security. Indeed, this type of filtering tends to slow down the network.
C. Proxy Firewall
The Proxy firewall makes it possible to carry out a much finer analysis of the information that they pass on. They can thus reject all requests that do not conform to the protocol specifications. As a result, it is possible to forbid, for example, users to use certain services, even if they change the service port number of services (such as peer-to-peer protocols).The limitation of these firewalls is that they must know all the rules of the protocols that they must filter. Indeed, the module allowing the filtering of these protocols must be available.
D. Personal Firewall
Personal firewalls are installed directly on the workstations. Their main goal is to counter computer viruses and spyware. Their main asset is that they allow to control access to the networks of the applications installed on the machine. They are able to locate and prevent the opening of ports by unauthorized applications to use the network.
V. Market Share
The statistic depicts the global market forecast of cloud/datacenter-delivered hosted firewall services from 2009 and 2015. In 2009, IT service companies earned revenue of 341.9 million U.S. dollars with cloud/datacenter-delivered hosted firewall services worldwide.
As you can see, firewalls have multiple capabilities that can differ depending on their types. This multitude of solutions therefore requires a rigorous study of the safety to be put in place. Indeed, the computer system of a nuclear power plant will not have the same need in terms of safety as an individual and will therefore have different equipment.
It is also necessary to specify that the firewall is only a security component, so it will not protect a network on its own. It is necessary to include it in an approach that will take into account other parameters such as the updating of the applications.
Avolio, Frederic. "Firewalls and Internet Security - The Internet Protocol Journal - Volume 2,No. 2." Cisco. The Internet Protocol Journal 2, 2 June 1999. Web. 08 Dec. 2016.
Firewalls, Tunnels, and Network Intrusion Detection (n.d.): n. pag. Cs.brown.edu. Brown University. Web. 06 Dec. 2016.
Wang, Hao. "Network Firewall."citeseerx.ist.psu.edu. McMaster University, 29 Mar. 2004. Web. 05 Dec. 2016.