What Is A Firewall
For many users, including many IT professionals, a firewall is often seen as some form of mystical
black box that performs all kinds of really cool network security activities. In reality, this couldn't be further
from the truth. A firewall in its simplest form is nothing more than a device that functions much like a security
guard might for the physical security of a building. When someone arrives at the door of a facility, the guard may
ask for a photo ID or security badge to determine if the person is allowed access to the facility. If they are on
the list, they are allowed access; if they are not, access is declined.
A firewall functions in much the same way. If a computer is requesting access to your
firewall-protected network, the request will come through your router and hit the firewall. The firewall will
evaluate the request to see if access to the requested service is allowed and, if so, allow the traffic to pass
through. If, on the other hand, the requester is trying to access a blocked service, the firewall will discard the
request, preventing access. Thus the device itself is not all that mysterious. For most LANs, all external traffic
would generally be denied at all times, only allowing internal traffic to request and receive information from the
Internet.
Having said that, there is a need to understand services if one wishes to host a service from within
their own network. One can, for example, have a web server hosted directly from a system within their LAN that they
wish to share with the world. Web servers use a protocol called Hypertext Transfer Protocol (HTTP), which defaults
to port 80 in the list of well-known ports. So to allow external access to one's
network, one would simply need to allow port 80 traffic to enter their network. However, to properly configure this
service, one would also want to allow port 80 traffic to be directed only to the web server and restrict this port
for other systems. This can be accomplished by building firewall rules that allow external access only to port 80,
and only when the destination is the IP address of the internal web server, protecting other systems from being
visible to the outside world.
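
The policy described above, written out as a small packet-filter model. This is an added example, not code from the original article; the LAN range, the web server address and the "lan"/"wan" interface names are assumptions chosen for illustration. It goes slightly beyond the text by tracking connections opened from inside, so that replies can return, and by discarding outside packets that claim an inside source address.

```python
import ipaddress
from dataclasses import dataclass

# Assumed values for illustration only (not from the article).
LAN = ipaddress.ip_network("192.168.1.0/24")
WEB_SERVER = ipaddress.ip_address("192.168.1.10")

@dataclass(frozen=True)
class Packet:
    iface: str          # interface the packet arrived on: "lan" or "wan"
    src: str
    dst: str
    dst_port: int
    src_port: int = 40000
    proto: str = "tcp"

class Firewall:
    def __init__(self):
        self.outbound_flows = set()   # connections opened from inside the LAN

    def decide(self, p: Packet) -> str:
        src, dst = ipaddress.ip_address(p.src), ipaddress.ip_address(p.dst)
        if p.iface == "lan":
            # Internal hosts may request information from the Internet.
            if src in LAN:
                self.outbound_flows.add((p.proto, p.src, p.src_port, p.dst, p.dst_port))
                return "ALLOW"
            return "DENY"             # LAN-side packet with a non-LAN source
        # Everything below arrived from the outside (WAN).
        if src in LAN:
            return "DENY"             # outside packet claiming an inside address
        if (p.proto, p.dst, p.dst_port, p.src, p.src_port) in self.outbound_flows:
            return "ALLOW"            # reply to a connection an internal host opened
        if p.proto == "tcp" and dst == WEB_SERVER and p.dst_port == 80:
            return "ALLOW"            # the one published service, one host only
        return "DENY"                 # default: discard all other external traffic
```

The order of the checks matters: the port 80 rule names both the port and the destination host, and anything that matches no rule falls through to the final deny.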