The User's


What Is A Firewall

For many users, including many IT professionals, a firewall is often seen as some form of mystical black box that performs all kinds of really cool network security activities. In reality, this couldn't be further from the truth. A firewall in its simplest form is nothing more than a device that functions much like a security guard does for the physical security of a building. When someone arrives at the door of a facility, the guard may ask for a photo ID or security badge to determine whether the person is allowed access to the facility. If they are on the list, they are allowed access; if they are not, access is declined.

A firewall functions in much the same way. If a computer requests access to your firewall-protected network, the request will come through your router and hit the firewall. The firewall will evaluate the request to see whether access to the requested service is allowed and, if so, allow the traffic to pass through. If, on the other hand, the requester is trying to access a blocked service, the firewall will discard the request, preventing access. Thus the device itself is not all that mysterious. For most LANs, all traffic originating from outside would generally be denied at all times, with only internal systems allowed to request and receive information from the Internet.

Having said that, one needs to understand services in order to host a service from within one's own network. One can, for example, have a web server hosted directly from a system within the LAN that is to be shared with the world. Web servers use a protocol called Hypertext Transfer Protocol (HTTP), which defaults to port 80 in the list of well-known ports. So to allow external access to one's network, one would simply need to allow port 80 traffic to enter the network. However, to properly configure this service, one would also want to allow port 80 traffic to be directed only to the web server and keep this port closed on other systems. This can be accomplished by building firewall rules that allow inbound access only on port 80, and then only to the IP address of the internal web server, which keeps the other systems from being visible to the outside world.
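
The difference between "allow port 80" and "allow port 80 only to the web server" can be checked with a small model of rule evaluation. This is an added example, not part of the original article; the addresses are constructed, and first-match evaluation with a default deny is an assumption about how the firewall processes its rules.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

LAN = ipaddress.ip_network("192.168.1.0/24")       # constructed internal range
WEB_SERVER = ipaddress.ip_address("192.168.1.10")  # constructed web server address

@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    src: str              # source network in CIDR form
    dst: str              # destination network in CIDR form
    dport: Optional[int]  # destination TCP port; None matches any port

    def matches(self, src, dst, dport):
        return (ipaddress.ip_address(src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.dst)
                and self.dport in (None, dport))

def evaluate(rules, src, dst, dport):
    """First matching rule wins; anything unmatched is denied by default."""
    for rule in rules:
        if rule.matches(src, dst, dport):
            return rule.action
    return "deny"

# Internal hosts may open connections to the Internet. Reply traffic is assumed
# to be handled by the firewall's connection tracking and is not modelled here.
OUTBOUND = Rule("allow", str(LAN), "0.0.0.0/0", None)

# Too broad: port 80 becomes reachable on every internal system.
LOOSE = [OUTBOUND, Rule("allow", "0.0.0.0/0", str(LAN), 80)]
# Scoped: port 80 is reachable only on the web server's address.
SCOPED = [OUTBOUND, Rule("allow", "0.0.0.0/0", f"{WEB_SERVER}/32", 80)]

def exposed_hosts(rules, port, outside="203.0.113.7"):
    """List internal addresses an outside host can reach on the given port."""
    return [str(h) for h in LAN.hosts()
            if evaluate(rules, outside, str(h), port) == "allow"]

if __name__ == "__main__":
    print("loose rule exposes", len(exposed_hosts(LOOSE, 80)), "hosts on port 80")
    print("scoped rule exposes", exposed_hosts(SCOPED, 80))
    print("port 22 on web server:", evaluate(SCOPED, "203.0.113.7", str(WEB_SERVER), 22))
```

Running the same exposure check against a real rule set after every change is a quick way to confirm that a newly opened port reaches only the intended server.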

Internet Security