What is a Firewall? Understanding Its Role and Architecture


If you’ve ever worked with IT service providers in Indonesia, you may have encountered the term “Firewall.” A firewall is a security device designed to monitor and filter network traffic according to specific security policies set by a company or organization. It acts as a protective barrier between a user’s private internal network and the public internet. The main purpose of a firewall is to allow secure traffic through while blocking potentially harmful data from entering.

Benefits of Firewalls

Firewalls offer several benefits, including managing and recording network traffic, controlling access authentication processes, blocking unsafe traffic, and stopping programs that may harm computers. Additionally, firewalls safeguard private information from unauthorized access and secure internal networks.

Types of Firewalls

Several types of firewalls are commonly used by IT security providers in Indonesia:

  • Packet Filtering: Analyzes each packet and passes it on or drops it according to a set of filter rules.
  • Proxy Service: A security system that filters messages at the application layer to provide protection.
  • Stateful Inspection: A dynamic packet-filtering method that monitors active connections to determine which network packets can pass through the firewall.
  • Next Generation Firewall (NGFW): Advanced firewall with deep packet inspection at the application level.
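
The difference between packet filtering and stateful inspection from the list above, as an added example that is not part of the original article. The addresses, ports and the outbound-HTTPS-only policy are constructed assumptions, and connection teardown is simplified to a TCP reset.

```python
from dataclasses import dataclass

INTERNAL_PREFIX = "10.0.0."  # assumption: constructed internal network

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str = "A"  # TCP flags: S=SYN, A=ACK, R=RST

def internal(ip):
    return ip.startswith(INTERNAL_PREFIX)

def packet_filter(pkt):
    """Packet filtering: every packet is judged alone against static rules."""
    if internal(pkt.src):
        return pkt.dport == 443  # assumed policy: outbound HTTPS only
    # Replies must get back in, so anything *claiming* source port 443 passes.
    return internal(pkt.dst) and pkt.sport == 443

class StatefulFirewall:
    """Stateful inspection: inbound packets must match a tracked connection."""
    def __init__(self):
        self.table = set()  # (client_ip, client_port, server_ip, server_port)

    def inspect(self, pkt):
        outbound = internal(pkt.src)
        key = ((pkt.src, pkt.sport, pkt.dst, pkt.dport) if outbound
               else (pkt.dst, pkt.dport, pkt.src, pkt.sport))
        if outbound and pkt.dport == 443 and pkt.flags == "S":
            self.table.add(key)  # a new outbound connection creates state
        if key not in self.table:
            return False  # no matching connection: drop
        if "R" in pkt.flags:
            self.table.discard(key)  # simplified teardown: reset ends the flow
        return True

def demo():
    """Run constructed sample packets through both firewalls, in order."""
    fw = StatefulFirewall()
    samples = [
        ("syn", Packet("10.0.0.5", 50000, "203.0.113.10", 443, "S")),
        ("reply", Packet("203.0.113.10", 443, "10.0.0.5", 50000, "SA")),
        ("unsolicited", Packet("198.51.100.7", 443, "10.0.0.9", 3389, "A")),
    ]
    return {name: (packet_filter(p), fw.inspect(p)) for name, p in samples}
```

`demo()` returns a (packet filter, stateful) verdict pair per packet: both pass the outbound SYN and its reply, but only the static filter passes the unsolicited inbound packet, because its rule cannot tell a real reply from any packet with source port 443.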

Firewall Architecture Implementation

There are four main types of firewall architecture commonly used in networks: packet filtering routers, screened host firewalls, dual-homed firewalls, and screened subnet firewalls.

  1. Packet Filtering Routers: Many organizations use routers as the interface to the internet, placing them on the perimeter between the internal network and the internet provider. Because the router can be configured to accept or reject packets based on organizational policies, this architecture offers a straightforward yet effective firewall that prevents attacks from the internet.
  2. Screened Host Firewalls: This architecture combines packet filtering routers with discrete firewalls, such as proxy servers. Here, routers filter packets before they reach the internal network, reducing network load on the internal proxy. Application proxies verify protocols like HTTP or HTTPS and provide proxy services. This setup often includes a bastion host, which is the dedicated target for external attacks and therefore requires full security measures.
  3. Dual-homed Host Firewalls: This setup is a more complex variation of screened host firewalls. In this architecture, the bastion host uses two Network Interface Cards (NICs): one connects to the external network and the other to the internal network, creating an additional security layer. This approach often utilizes Network Address Translation (NAT), mapping external IP addresses to internal ones to create a barrier against intrusions.
  4. Screened Subnet Firewalls (using DMZ): Often employed in corporate networks, screened subnet firewalls use a DMZ and combine dual-homed and screened host firewall architectures. This setup provides a more robust architecture by isolating the external and internal networks, adding an extra layer of security.

Firewalls, especially Next Generation Firewalls (NGFWs), play a critical role in security architecture, focusing on blocking malware and application-level attacks and integrating with Intrusion Prevention Systems (IPS).

This is a brief overview of firewalls and their architecture.
