The different types of Firewalls - What is
Firewall - Understanding the Risk
Understanding the Risk
Bringing in data to your system via the Internet can open a portal to hackers
and other security risks. Even accessing standard information like a movie listing
or phone number via the Internet can create a window of opportunity through which a hacker can enter.
When Are You At Risk?
The risk is even greater if you run a high-speed, "always-on" Internet
connection, but the need for protection is the same regardless of the type
of connection you have. While a high-speed connection is definitely more attractive
to a hacker, dial-up connections are still vulnerable to attack. All Internet providers
are assigned a range of Internet addresses. When you connect to the Internet, one of
those addresses gets assigned to your computer. Anyone who knows the range for a
particular provider can scan that range looking for open connections. If you are not protected,
they will find your address regardless of whether it is high-speed or dial-up.
Telecommuting, or connecting to your office network through the Internet from your home or
mobile computer can place the security of both your home and office network at risk.
A skilled hacker can "ride" along an unsecured Internet connection to gain access to
your home or dial-up office network.
Once connected, they have access to any information on the network and have
the potential to do untold damage. The extent of the risk is limited only by
the imagination of the hacker.
Types of Risks::
Corporate networks are an obvious target for hackers, but the appeal of private
home systems should not be underestimated.
Access to information on personal computing systems is also a valuable target
as it includes banking information, passwords, personal documents and more.
Hackers can use your Internet connection to install a program called a Trojan
Horse that has the ability to scan everything you type and send it all back to them.
This could include any passwords or other sensitive information you might have.
Even when there is nothing of value on a computer, it still requires protection.
Skilled hackers can use an unprotected system to hack into other computers.
An important element of success to a hacker is that he or she is not traced
and apprehended. Working through unprotected system allows a hacker to commit
their crimes anonymously and ensure that the only trail of their crimes leads to your computer system.
What Can You Do About It?
A personal desktop firewall is the answer. Just like the familiar corporate firewalls,
a desktop firewall controls what data enters and leaves your system.
How A Firewall Works::
A firewall acts like a gate with a security guard positioned between your computer and
the Internet. Depending on your instructions to the security guard, it won't
let any unauthorized data through the gate to your computer, and monitors what
leaves it. Unauthorized intruders at the gate are turned away, and anything
leaving is inspected first. In addition, a good desktop firewall works in
concert with virus protection and your VPN (Virtual Private Network), should you have one installed.
Types of Firewalls::
There are a number of different types of firewall, including software firewalls,
routers, and hardware firewalls.
A software firewall:: is a program that runs on your computer and monitors everything
being sent and received through your internet connection. One advantage to a software
firewall, that not all hardware firewalls offer, is it can monitor outgoing information
as well as incoming. This is particularly effective against the potential security risks
of "spyware" or "Trojan horses" programs, which can send information out to the internet
from your computer. A sotware firewall guards against this type of risk which usually
works in the background undetected and prevents the information from being released.
A hardware firewall:: is strictly dedicated to protecting you from hackers and includes a
physical disconnect function. This allows you to actually completely disconnect your
computer from the Internet. In some cases the hardware firewall will automatically
disconnect you if your Internet connection has not been in use for a certain period
of time. Reconnection is simple and easy, and this firewall provides the obvious
advantage of limiting exposure through total disconnection.
A router is a type of hardware firewall. They are typically designed to share a
high-speed internet connection between multiple computers. The router acts like
a roadblock between the Internet and your computer, thereby providing firewall
protection. If somebody is scanning for open connections, they will not be able to see your computer.
Selecting a Firewall::
Essentially, a firewall provides a set of filters that either block or allows
connections and data transmission between your computer and the Internet.
Residing on your computer, the firewall's filters automatically prevent
any unrecognized user from accessing your system or any corporate network
to which you are connected while you are on the Internet.
A good desktop firewall will allow you to give specific instructions to the
security guard at the gate. This feature permits special authorizations to
take place. This is important if you use programs that communicate with other
computers, such as instant messaging or multiplayer games. A firewall would
normally block these types of connections, but if you plan to allow them,
you need to be able to tell the firewall to do so.
Virtual Private Network (VPN)::
A firewall provides protection to your actual computer or the computers hosting a
corporate network. It is designed around the hardware. A VPN, on the other hand,
protects the connection itself between your computer and that of the corporation.
It is essentially a "tunnel" or private path through the Internet that connects
your computer to your corporate network. This connection is encrypted so nobody
except the two ends of the connection can view the data going back and forth.
If you are using a VPN connection, you need to make sure the firewall you choose is
going to be compatible.
If you are looking at a software firewall, you need to ensure that it will support
an encrypted VPN connection.
If you are looking at a hardware firewall, look for one that specifically
supports a VPN connection.
If you are planning to use a router as your firewall, you will most likely
encounter two versions of a given model - one of which will specifically be
called a "firewall" or "VPN" router. This is the version that supports a VPN connection.
Hardware or Software::
There are conflicting opinions on which type of firewall is better,
hardware or software. They both have advantages, so making the right
selection requires matching their features to your individual needs.
Desktop firewall software runs on an individual computer, so if you
only have a single computer this may be the most cost-effective way
to go. If you have more than one computer that you want to protect,
you will need to buy a copy for each of them.
If you are using dial-up internet, the choice is a little easier.
Most of the hardware firewalls only have connections for high-speed
services, so with dial-up you will likely have to run a software firewall.
Another advantage of software firewalls is they can protect your network against internal attacks.
A hardware firewall sits between your network and the Internet,
but doesn't protect the computers on your network from one another.
Software firewalls run on each computer, so they are protecting them from each other as well as the Internet.
They will protect against the possibility of a disgruntled employee
hacking into confidential company information and distributing it either internally or externally.
If you are protecting multiple computers, a hardware firewall may be more cost-effective.
With a hardware firewall, a router in particular, you can share
your high-speed Internet connection with multiple computers.
This can provide multiple benefits from a single device.
For overall protection a user should run both software and a hardware firewall. Keep Safe !
<----Back to the Home page
Discuss this in the Forum ---->
Have a problem or question that is not listed on our site let us know and we will add it--We enjoy to hear from our visitors!