What is Firewall? | Host Based Firewall & Network Based Firewall

What is Firewall?

By filtering the data that enters from the internet, a firewall is a mechanism created to stop illegal access from accessing a private network. A firewall allows desired traffic while blocking undesired traffic. Consequently, the goal of a firewall is to establish a security barrier between a private network and the public internet. Since harmful traffic and hackers are continuously trying to break into private networks on the internet, this is necessary. And the key element of a network to stop this is a firewall. Furthermore, a firewall is crucial for large organizations with lots of PCs and servers. Because if all those gadgets were open to anyone online, a hacker could break in and completely ruin that organization. To keep them safe, you need a firewall. The operation of a firewall in a building structure is quite similar to that of a firewall used in computer networks.

In fact, it is from this that the phrase "firewall" originated. In the event of a real fire, a firewall in a building's structure acts as a barrier, containing the fire on one side of the building and preventing it from spreading to the other. The firewall's purpose is to prevent the building from being completely destroyed by the fire. But without the firewall, the fire would have spread to the opposite side and destroyed the entire structure.

The operation of a network firewall is comparable to that of a structure firewall. It puts a stop to dangerous behavior before it can cross the firewall and damage a private network. A firewall is necessary for every home in the high-tech world of today, but it's especially important for businesses or organizations to keep their networks secure. A firewall operates by filtering incoming network traffic and deciding whether it is permitted to enter a network based on its rules; these rules are often referred to as an access control list. The network administrator sets these rules, which are mutable. The network administrator controls both what can enter and depart the network. These regulations either provide permission or deny it.

As an illustration, let's say that traffic from a certain IP address has been blocked due to some rules in an access control list for a firewall. Therefore, due to the firewall's regulations, if traffic from this IP address attempted to access this network, the firewall would block it. However, access is given to the other IP addresses since the regulations permit it.

Fig 1: Firewall

Firewall Rules

Firewalls can create rules based on more than simply IP addresses, including:

1. Domain names.
2. Protocols.
3. Programs.
4. Ports.
5. Keywords.

Assume for the purposes of this example that the firewall rules regulate access based on port numbers. Let's assume for the moment that the rules have permitted incoming data utilizing ports 80, 25, and 110 to reach this network.

Therefore, the firewall will allow any incoming data that is using those ports to pass through. However, the rules in this firewall have prohibited any data that is using the ports 23 and 3389. Therefore, the firewall will block access to any incoming data that is using those port numbers, preventing it from passing through. Therefore, this is basically how firewalls operate.

Firewalls come in different types:

One type is called a Host-Based Firewall

And this firewall is software. This type of firewall is installed on a computer and just that computer and nothing else is protected by it. For instance, a host-baseball firewall is pre-installed in more recent Microsoft operating systems. And here is an illustration of that. Additionally, third-party host-based firewalls are available for purchase and installation on computers. So, as an illustration, take Zone Alarm, a well-known host-based firewall from a third party. Additionally, a host-based firewall is often included with antivirus software.

Another type of firewall is called a Network-Based Firewall

A hardware and software hybrid that functions at the network layer is a network-based firewall. A network-based firewall is installed between a private network and the public internet, but instead of protecting just one computer like a host-based firewall does, it safeguards the entire network. This is done by applying management rules to the entire network, which enables any malicious activity to be stopped before it reaches the computers. Network-based firewalls are typically used by large organizations as a standalone product.

They can also be integrated as a router component, which is what many smaller businesses rely on. Or, they could be set up in the cloud infrastructure of a service provider. Many firms are now using firewalls that are both network-based and host-based. In addition to using host-based firewalls for their individual protection for their computers and servers, they will use network-based firewalls to safeguard the entire network as a whole. And by doing so, maximum protection will be ensured. because, if by chance, malicious material manages to get past the network firewall. Each computer's host-based firewalls will be able to block it.