What is a firewall in data security?

What is a firewall?

A firewall is a network security device that monitors incoming and outgoing network traffic. A firewall filters this traffic and blocks outsiders from gaining unauthorized access to the private data on your computer.

How does a firewall work?

A firewall only allows incoming connection requests that it has been configured to accept. It also only permits traffic from IP addresses that belong to authorized sources.

Firewalls protect traffic at a computer’s ports, the points where data is shared with external devices.

For example: “Source address 172.18.1.1 is allowed to communicate with destination 172.18.3.1 through port 40.”

Types of firewalls

Based on their overall structure and mode of operation, firewalls can be classified into numerous categories.

There are three major firewall types:

  • Packet-filtering firewalls
  • Circuit-level firewalls
  • Proxy firewalls

Packet-filtering firewalls

Packet-filtering firewalls act as a checkpoint at a traffic router that inspects IP addresses, packet type, and port numbers in data packets coming through the router.

Circuit-level firewalls

The TCP (transmission control protocol) handshake is verified by circuit-level gateways/firewalls. This TCP handshake check ensures that the packet originates from a genuine session.

The packet itself is not checked by these firewalls. So if a packet has malware, but also has the correct TCP handshake, it would be allowed to pass.

Proxy firewalls

Proxy firewalls filter incoming traffic between the network and the traffic source at the application layer.

These firewalls:

  1. Establish the connection to the source of the traffic
  2. Inspect the incoming data packet

After inspection, these firewalls allow the packet to connect to the destination.
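
The following added example (not part of the original article) models the three firewall types side by side and shows the gap described above: a packet that matches the allow rule and belongs to a session with a completed handshake passes the first two checks, and only the proxy's payload inspection stops it. The class and function names, the simplified flag strings, and the blocked-content marker are assumptions made for illustration.

```python
from dataclasses import dataclass
@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int
    flags: str = ""       # simplified TCP flags: "S" = SYN, "A" = ACK, "PA" = data
    payload: bytes = b""

# Rule taken from the article's example sentence; anything else is denied.
ALLOW_RULES = {("172.18.1.1", "172.18.3.1", 40)}
# Constructed marker standing in for content an application proxy rejects.
BLOCKED_MARKER = b"EXAMPLE-BLOCKED-CONTENT"

def packet_filter(pkt):
    """Packet-filtering firewall: header fields only, default deny."""
    return (pkt.src, pkt.dst, pkt.dport) in ALLOW_RULES

class CircuitGateway:
    """Circuit-level firewall: tracks the handshake, never reads the payload."""
    def __init__(self):
        self.state = {}   # flow tuple -> "SYN_SEEN" or "ESTABLISHED"
    def allow(self, pkt):
        # Simplified to the client's SYN and ACK; the server's SYN-ACK is omitted.
        flow = (pkt.src, pkt.dst, pkt.dport)
        if pkt.flags == "S":
            self.state[flow] = "SYN_SEEN"
            return True
        if pkt.flags == "A" and self.state.get(flow) == "SYN_SEEN":
            self.state[flow] = "ESTABLISHED"
            return True
        return self.state.get(flow) == "ESTABLISHED"

def proxy_inspect(pkt):
    """Proxy firewall: inspects the application data before forwarding."""
    return BLOCKED_MARKER not in pkt.payload

def run_demo():
    gw = CircuitGateway()
    flow = ("172.18.1.1", "172.18.3.1", 40)
    for f in ("S", "A"): gw.allow(Packet(*flow, f))   # complete the handshake
    bad = Packet(*flow, "PA", BLOCKED_MARKER + b" more data")
    stray = Packet("172.18.9.9", "172.18.3.1", 40, "PA", b"hello")
    return {
        "filter_bad": packet_filter(bad),      # headers match the rule
        "circuit_bad": gw.allow(bad),          # session is established
        "proxy_bad": proxy_inspect(bad),       # payload is rejected
        "filter_stray": packet_filter(stray),  # no matching rule
        "circuit_stray": gw.allow(stray),      # no handshake seen
    }
```

Calling run_demo() returns one verdict per check, so the packet carrying the marker can be compared against the packet from an unlisted source.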
