A firewall is simply a program or hardware device that filters the information coming through the internet connection or computer system. It filters incoming and outgoing network traffic using predetermined criteria.
Thus, a firewall forms a barrier through which the traffic going in each direction must pass. The firewall’s security policy dictates which traffic is authorized to pass in each direction.
Service control: Determines the types of internet services that can be accessed, inbound or outbound. The firewall may filter traffic on the basis of IP address, protocol, or port number; may provide proxy software that receives and interprets each service request before passing it on; or may host the server software itself, such as a web or mail service.
Direction control: Determines the direction in which particular service requests may be initiated and allowed to flow through the firewall.
Firewalls generally use two or more of the following methods:
Firewalls are generally categorized as network-based or host-based.
Network layer firewalls: Also called packet filters, these operate at a relatively low level of the TCP/IP protocol stack and do not allow packets to pass through the firewall unless they match the established rule set.
Application-layer firewalls: These work on the application level of the TCP/IP stack (i.e., all the browser traffic, or all the telnet or FTP traffic), and may intercept all the packets traveling to or from an application.
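The packet-filter behaviour described above (service control by IP address, protocol and port, direction control, and dropping anything that matches no rule) can be sketched as a small rule evaluator. This is an added example, not code from the original page; the rule format, the first-match ordering, the `decide` function and the sample policy using documentation address ranges are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

ANY_PORT = range(0, 65536)

@dataclass(frozen=True)
class Rule:
    action: str     # "allow" or "deny"
    direction: str  # "in" or "out" (direction control)
    proto: str      # "tcp", "udp" or "any" (service control)
    src: str        # source network, CIDR notation
    dst: str        # destination network, CIDR notation
    ports: range    # destination ports covered by the rule

# Constructed sample policy; 192.0.2.0/24 plays the protected network.
RULES = [
    Rule("deny",  "in",  "any", "198.51.100.0/24", "0.0.0.0/0", ANY_PORT),
    Rule("allow", "in",  "tcp", "0.0.0.0/0", "192.0.2.10/32", range(443, 444)),
    Rule("allow", "in",  "tcp", "0.0.0.0/0", "192.0.2.25/32", range(25, 26)),
    Rule("allow", "out", "tcp", "192.0.2.0/24", "0.0.0.0/0", range(443, 444)),
    Rule("allow", "out", "udp", "192.0.2.0/24", "0.0.0.0/0", range(53, 54)),
]

def matches(rule, direction, proto, src, dst, dport):
    """True when every field of the packet falls inside the rule."""
    return (rule.direction == direction
            and rule.proto in ("any", proto)
            and ipaddress.ip_address(src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(rule.dst)
            and dport in rule.ports)

def decide(direction, proto, src, dst, dport, rules=RULES):
    """First matching rule wins; a packet matching no rule is dropped."""
    for rule in rules:
        if matches(rule, direction, proto, src, dst, dport):
            return rule.action
    return "deny"  # default deny: nothing passes without a matching rule

if __name__ == "__main__":
    packets = [  # constructed sample packets
        ("in", "tcp", "203.0.113.5", "192.0.2.10", 443),
        ("in", "tcp", "198.51.100.7", "192.0.2.10", 443),
        ("in", "tcp", "203.0.113.5", "192.0.2.10", 22),
        ("out", "udp", "192.0.2.50", "203.0.113.53", 53),
    ]
    for pkt in packets:
        print(pkt, "->", decide(*pkt))
```

Rule order matters here: the blocked source range is listed first, so it is denied even for the otherwise permitted web service.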
In a nutshell, a firewall –
Features to Look for: