Introduction to the Firewall
Currently, security threats on the Internet fall into the following types:
- Illegal use: Unauthorized users, or users exceeding the authority they were granted, access network resources. For example, an attacker accesses network resources using the account and password of an authorized user.
- Denial of service: Authorized users are prevented from accessing a service. For example, an attacker floods a server with echo-request or connection-request packets, or sends it malformed packets; the server becomes overloaded and can no longer process packets from authorized users.
- Information theft: An attacker does not intrude into the target system directly but instead intercepts sensitive data as it crosses the network.
- Data modification: An attacker modifies, deletes, delays, or reorders selected system data or messages, or injects forged messages, destroying the integrity and consistency of the data.
The security system establishes a line of defense between the internal and external networks so that attacks from the external network are blocked. The firewall is that line of defense.
Firewalls are classified as packet filtering firewalls, proxy firewalls, and stateful firewalls. The SPU supports packet filtering firewalls and stateful firewalls.
Functions of the Firewall
In a building, a firewall is designed to prevent a fire from spreading from one area to another. Similarly, a firewall on the network prevents hazards on the Internet from spreading into the internal network.
Located at the network boundary, a firewall prevents unauthorized access to the protected network while allowing internal users to securely access web services on the Internet and to send and receive email.
Both the packets from the Internet to the internal network and the packets from the internal network to the Internet pass through the firewall; therefore, the firewall is a guard that can discard the undesired packets. Figure 1 illustrates the functions of a firewall.
In addition to connecting the private network to the Internet, the firewall can also protect hosts and key resources (such as data) on the internal network. The firewall filters access to the protected data, including access from inside the internal network.
The firewall also serves as an access control gateway that restricts access to the Internet; for example, it can allow only specified internal users to reach the Internet. Modern firewalls also provide other functions, such as identity authentication and security processing (packet encryption).
Limitations of the Firewall
The firewall has the following limitations:
- The firewall cannot prevent attacks that originate inside the internal network.
- The efficiency of the firewall depends on the number of rules configured on it. Each packet is compared against the rule list until a rule matches, so as the number of configured rules increases, the per-packet processing cost grows and the efficiency of the firewall decreases.
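The following is an added example, not code from the SPU or its vendor, that illustrates two points made above: the difference between a packet filtering firewall and a stateful firewall, and why the cost of filtering grows with the number of rules. It models a minimal first-match, default-deny packet filter and a stateful variant with a connection table, then runs both over three constructed packets: an internal client opening an HTTPS connection, the server's reply, and an unsolicited segment from an attacker aimed at the same client port. The address ranges, rule format, and packet fields are assumptions chosen for the illustration.

```python
"""Toy packet-filtering and stateful firewalls (added example; not the SPU's own code)."""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    proto: str            # "tcp", "udp" or "icmp"
    src: str              # source IPv4 address
    dst: str              # destination IPv4 address
    sport: int            # source port (0 for icmp)
    dport: int            # destination port (0 for icmp)
    direction: str        # "in" = Internet -> internal network, "out" = the reverse
    syn: bool = False     # TCP connection-opening segment (SYN without ACK)


@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    direction: str = "any"
    proto: str = "any"
    src: str = "0.0.0.0/0"       # CIDR prefix
    dst: str = "0.0.0.0/0"       # CIDR prefix
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, pkt: Packet) -> bool:
        return (self.direction in ("any", pkt.direction)
                and self.proto in ("any", pkt.proto)
                and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
                and self.dport in (None, pkt.dport))


class PacketFilter:
    """Stateless packet filter: every packet is compared against the rule list in
    order, the first matching rule decides, and an unmatched packet is dropped."""

    def __init__(self, rules):
        self.rules = list(rules)
        self.evaluations = 0      # rule comparisons performed, to show the cost of long lists

    def decide(self, pkt: Packet) -> str:
        for rule in self.rules:
            self.evaluations += 1
            if rule.matches(pkt):
                return rule.action
        return "deny"             # default deny


class StatefulFirewall(PacketFilter):
    """Stateful firewall: only connection-opening packets consult the rule list;
    later packets are permitted only if they belong to a recorded connection."""

    def __init__(self, rules):
        super().__init__(rules)
        self.connections = set()  # (proto, client_ip, client_port, server_ip, server_port)

    def decide(self, pkt: Packet) -> str:
        forward = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reply = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if forward in self.connections or reply in self.connections:
            return "permit"       # part of an established connection
        if pkt.proto == "tcp" and not pkt.syn:
            return "deny"         # mid-stream segment for a connection never seen opening
        action = super().decide(pkt)
        if action == "permit":
            self.connections.add(forward)
        return action


# Constructed traffic (assumed addresses): an internal client opens HTTPS to an Internet
# server, the server replies, and an attacker sends an unsolicited segment to the client port.
INTERNAL = "10.0.0.0/8"
CLIENT_SYN = Packet("tcp", "10.0.0.5", "203.0.113.10", 51000, 443, "out", syn=True)
SERVER_REPLY = Packet("tcp", "203.0.113.10", "10.0.0.5", 443, 51000, "in")
ATTACKER = Packet("tcp", "198.51.100.7", "10.0.0.5", 4444, 51000, "in")


def stateless_demo() -> dict:
    # A stateless filter cannot distinguish the reply from the attack, so to let replies
    # through it must also permit inbound TCP to the client's port, which admits the attacker.
    fw = PacketFilter([
        Rule("permit", direction="out", proto="tcp", src=INTERNAL, dport=443),
        Rule("permit", direction="in", proto="tcp", dst=INTERNAL),
    ])
    return {"syn": fw.decide(CLIENT_SYN), "reply": fw.decide(SERVER_REPLY),
            "attacker": fw.decide(ATTACKER)}


def stateful_demo() -> dict:
    # The stateful firewall needs only the outbound rule: the SYN creates a connection entry,
    # the reply matches that entry, and the attacker's segment matches nothing and is dropped.
    fw = StatefulFirewall([Rule("permit", direction="out", proto="tcp", src=INTERNAL, dport=443)])
    return {"syn": fw.decide(CLIENT_SYN), "reply": fw.decide(SERVER_REPLY),
            "attacker": fw.decide(ATTACKER)}


def worst_case_evaluations(rule_count: int) -> int:
    # With n rules that a packet does not match, the filter compares it against all n before
    # falling through to the default deny: per-packet work grows linearly with the rule list.
    fw = PacketFilter(Rule("permit", proto="udp", dport=p) for p in range(rule_count))
    fw.decide(ATTACKER)
    return fw.evaluations


if __name__ == "__main__":
    print("stateless:", stateless_demo())
    print("stateful: ", stateful_demo())
    print("rule comparisons for 500 non-matching rules:", worst_case_evaluations(500))
```

The stateless filter permits all three packets, including the attacker's, because the broad inbound rule it needs for replies also covers unsolicited traffic; the stateful firewall permits the SYN and the reply but denies the attacker's segment. The last function shows the cost point from the limitations list directly: a packet that matches no rule is compared against every rule, so doubling the rule count doubles the work for such packets.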