Home‎ > ‎3 pm class page‎ > ‎

Tassos,George

 Firewall, Packet Filtering, Perimeter Firewall, Internal Firewall

Wikipedia links to the key terms:
Firewall

Packet Filtering  (Wikipedia redirects to Firewall)
Perimeter Firewall (Wikipedia redirects to distributive firewall)
Internal Firewall (Wikipedia redirects to distributive firewall)

Cisco's Jimmy Ray Purser explains what a firewall is


What is the definition of a firewall?
Tech Target defines it as a set of related programs, located at a network gateway server, that protects the resources of a private network from users from other networks. It is a company with an intranet that allows its trusted employees the ability to use the Internet and a firewall to prevent untrusted users from accessing its own private data.

Firewalls protect networks by not allowing hackers to come in and steal their information. At the same time a firewall can allow a company to prevent its employees from messing around on the Internet during work. For example, poor employee behavior on the internet can be notified to the company and they can possibly get in trouble for looking at websites they are not supposed to like Facebook, fantasy sports, dirty websites, or downloading music. Firewalls are useful tools for keeping employees inline when on their company's network. This is important because employees who use the Internet to download files could potentially download a virus. The virus that they could potentially download may cause property damage and destroy computer software.

What does a firewall do?

According to the United States Emergency Readiness Team 
Firewalls provide protection from untrusted users by blocking your computer or network from getting computer viruses or unnecessary Internet traffic. Firewalls are used to not allow data from certain locations while allowing the relevant data.

A company puts all of their information at risk if they do not have a good firewall including private information on the employees, their clients, and also their secrets. Companies can prevent information leaks by making sure to constantly check up on their firewall system and making sure that everything is running properly in order. In general it is better for a company to use some sort of firewall system, internal and external, instead of not using any system at all. Firewalls are important for letting good packets of data into the system and making sure that bad packets of data are kept right out of the system. 

What is the definition of packet filtering?
Tech Target describes packet filtering as the process of passing or blocking packets at a network interface. In a software firewall, packet filtering is done by a program called a packet filter. The packet filter looks to see if each packet passes its set of rules, and then picks if it passes or fails.

What is a packet?
About defines a packet as
one unit of binary data which is sent through a computer network.

When looking at packets and packet filtering, it is basically a system in which code gets broken down and put together. Networks send data to each other in packets, those packets get broken down and encrypted. Then the packet filtering system gets the packet and analyzes it for any potential threats such as viruses and worms. If the packet is clean, then the network allows it to go into the network. If packet filtering does not work for a firewall system, then that system could be at risk to get a computer virus.

What is a perimeter firewall?
IT Law Wiki defines a perimeter firewall as a firewall installed between a private network and other public networks, such as the Internet. A perimeter firewall controls all traffic between the internal network and other networks.

Perimeter firewall is what separates a companies personal network from the outside network. It is useful for keeping out users who are not welcome to the website, and it is also useful for the network to keep all their information from leaking out.

What types of perimeter firewall exist?
Microsoft defines the top three types of perimeter firewall
1. Trusted - Trusted perimeter firewall applies to employees of the organization. These employees of the organization are trusted with more access to the network.
2. Semi-trusted - Semi-trusted employees can include business associates of the company. These guests are allowed to use the company's networks so that they can access the Internet, but they are not allowed access to the trusted parts of the network. This type of perimeter firewall is used to let visitors access parts of your network, but not the whole thing.
3. Untrusted - Untrusted perimeter firewall protects a network from people who can do damage to it. It does not allow anyone access to the network without the proper identification codes. An example of common untrusted networks a company may use is their website, it may allow people to log in but they will not have access to the network.

Perimeter firewall is one half of typical firewall systems. The perimeter firewall system basically keeps information from the outside going into the network and information from the outside leaving the network. In a way it is like a security guard managing who gets to go inside and outside of a disco. The perimeter firewall is the gatekeeper for most network systems and must always be checked on for holes.

What is an internal firewall?
Microsoft says that an internal firewall focuses on preventing external users accessing the internal network and limiting what internal users can do in that network.

Internal firewall is what gets people in trouble at work. When people are taking a break on the job when they should be looking at data but instead are looking at youtube videos, internal firewall systems will alert their bosses. Internal firewall is present on most computer systems, even the computers at San Jose State have their own internal firewall in which students and faculty can be monitored. In general people should be careful of what they do on other people's networks, because they may end up getting in trouble.

Advantages and disadvantages of each type of firewall according to the US  Government.

Hardware - Typically called network firewalls, these external devices are positioned between your computer or network and your cable or DSL modem. Hardware-based firewalls are particularly useful for protecting multiple computers but also offer a high degree of protection for a single computer. Hardware-based firewalls have the advantage of being separate devices running their own operating systems, so they provide an additional line of defense against attacks.

Software
- Because of the risks associated with downloading software from the Internet onto an unprotected computer, it is best to install the firewall from a CD or DVD. If you do download software from the Internet, make sure it is a reputable, secure website.
"This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the Department of Homeland Security (DHS)." (The United States Computer Emergency Readiness Team requires that quote to be used when using information from their website.)

How are access control lists incorporated into firewalls?
According to Cisco, access control lists control whether routed packets are forwarded or blocked at the router's interfaces. The router examines each packet to determine whether to forward or drop the packet, based on the criteria you specified within the access lists.


Access control lists are like a guest list for a party, if you are not on the list then you are not getting into that party. Access control lists is what packet data gets compared to when it is going through a firewall. If the data does not match what is allowed by the systems preferences, then the data will end up being sent back and will not be allowed to go to the network. Any data that is not allowed will be classified as dropped data and any data that follows the company's protocol will be allowed to pass.

Photo (below) from Wikipedia.org, it demonstrates what a firewall looks like.


 
Comments