How does a firewall work?
When your computer has firewall protection, everything that goes in and out of it is monitored. The firewall monitors all this information traffic to allow ‘good data’ in, but block ‘bad data’ from entering your computer.
Firewalls use one or a combination of the following three methods to control traffic flowing in and out of the network:
The most basic form of firewall software uses pre-determined security rules to create filters – if an incoming packet of information (small chunk of data) is flagged by the filters, it is not allowed through. Packets that make it through the filters are sent to the requesting system and all others are discarded.
A firewall proxy server is an application that acts as an intermediary between systems. Information from the internet is retrieved by the firewall and then sent to the requesting system and vice versa. Firewall proxy servers operate at the application layer of the firewall, where both ends of a connection are forced to conduct the session through the proxy. They operate by creating and running a process on the firewall that mirrors a service as if it were running on the end host, and thus centralise all information transfer for an activity to the firewall for scanning.
The most modern method of firewall scanning, that doesn't rely on the memory-intensive examination of all information packets is ‘stateful inspection’. A ‘stateful’ firewall holds significant attributes of each connection in a database of trusted information, for the duration of the session. These attributes, which are collectively known as the ‘state’ of the connection, may include such details as the IP addresses and ports involved in the connection and the sequence numbers of the packets being transferred. The firewall compares information being transferred to the copy relevant to that transfer held in the database – if the comparison yields a positive match the information is allowed through, otherwise it is denied.
Types of firewalls
There are two types of firewalls: software and hardware.
Hardware firewalls are built into network devices such as routers and can protect every single machine on a network and require little configuration to work effectively. They use packet filtering techniques to examine the header of a packet, determining his source and destination and then, comparing the data to a set of predefined rules, they decide whether to drop the packet or forward it to the next step or to its destination.
Software firewalls are the most popular network protection method for home users. They usually come as stand-alone applications or as part of a complete anti virus protection software, such as the one BullGuard provides. Besides providing protection for inbound and outbound traffic, a software firewall can also protect against Trojan or Worm applications and allows various options of control over its functions and features.
A reliable software firewall should run in the background of your computer and leave a small print on overall performance by using few of its resources. The firewall software must be regularly updated to keep up with the latest technological improvements and provide effective protection against the latest network attack tactics.
BullGuard Internet Security includes a state-of-the-art firewall protection engine and provides security updated every 2 hours to ensure the safest online experience possible. You can try award-winning firewall protection from BullGuard for free by downloading the BullGuard Internet Security pack.
Was this article helpful?