What is a Firewall and Do i Need One?

By definition, a firewall is a component in a computer network system which monitors all inbound and outbound traffic to prevent unauthorized communications between machines. A firewall can be a piece of hardware or software, or a combination of both. It uses up to three different methods which can be configured by an administrator to allow or deny communications between individual machines or systems. A good fire wall can also work with encryption, both inbound and outbound, as well as utilize proxies.

Early implementations of the firewall utilized what's known as packet filtering. The firewall would intercept each packet of information either coming or going, and permit or deny it based on pre-configured rules. Packet filtering is still widely supported in modern firewalls, but the difficulty in configuring it scares many users away from maximizing its potential.

Two other means of firewall security are based on individual applications or connections. At the application level, users can configure a firewall to grant or refuse specific applications the permission to run. At the circuit level, the firewall accepts or rejects specific network connections as they are made. Once a connection is allowed the traffic is no longer monitored.

The proxy server is an additional method of firewall protection that is more stealth than rule-based filtering. When a firewall uses a proxy server it sets up a "virtual server" within its own environment and runs all communications through it. The proxy server has its own IP address which essentially hides the receiving computer from the sender. This is most effective in dealing with worms and trojan horses which can be programmed to scan the internet and/or local networks looking for vulnerable computers. The proxy server alone is not an adequate defense against threats, but combined with one or more of the other firewall methods, it greatly increases network security.

Software firewalls are the most common and should be more than adequate for most home uses. They are also a practical solution for small businesses that have a limited number of network connected computers. These firewalls are programs which can be purchased online or at the local software provider and installed on an individual machine. In some cases, free basic firewalls are available for download. Be careful when choosing a firewall, especially if you're downloading it from the internet. Shrewd malware developers have been known to disguise their work as free firewall software, with unsuspecting users installing it and giving the author complete control of their computer. Users should always compare the reputations and published reports regarding software developers before installing a software firewall.

For business and organizations with a large number of computers, a hardware firewall is the better option. First of all, a single piece of hardware will almost always be less expensive than the software licenses required for multiple computers. Second, the hardware firewall makes life for the network administrator much easier. To configure and maintain individual software firewalls on a hundred PCs is quite time consuming and challenging. Having a single hardware firewall at the point of network communications is far less complicated for the administrator.

A firewall is an essential part of good network security. With the ever changing world of computer security and the steady evolution of criminal malware, now more than ever, the need for a firewall is great. If your home or business currently operates without one, consider making the change as soon as possible.