Monday, November 27, 2000		On Hardware

THINK of a house with no boundary walls and gates? Though nothing may be wrong with the internal structure of the house yet the lack of security in terms of boundary walls and gates makes it incomplete. Similar is the case with a computer and a computer network also. If you do not have a protective boundary wall or a gate in your network then it can be accessed by anyone, anytime. The boundary wall and the gate here refer to some kind of restriction from outsiders to enter the system.

It is especially meaningful in terms of the Internet, as while browsing the Net you negotiate connectivity with other Internet protocols and if you do not have a protective shield, other computer users can enter the system and cause loss in terms of data deletion, hacking and virus attack. Thus, the protective system that guards a computer or a computer network is called a firewall.

A firewall is basically a cover that stands between two different entities normally not the part of the same network, and controls access between them. If you have a strong firewall in place, no outsider can force into the computer and thus one is saved from a lot of modern world menace. A firewall could be a hardware device or a software program running on a secure host computer, which provides the protective shield to the computer or the network of computers. Earlier, the firewalls used to be simply the routers that was a hardware component, but now some powerful and complex firewalls are present both in the form of hardware and software.

Thus, no matter, which form of firewall one uses, the basic function remains the same. It basically checks the connectivity and also the data transfer between the private and the other network you have logged on to and allows only that amount of data transfer, which meets the criteria set by the firewall administrator. If it does not meet the criteria, the data transfer is simply stopped. The firewall just does not scrutinise incoming data, but filters both incoming and outgoing data. Another good feature is address filtering. Firewalls can filter packets based on their source and destination addresses and port numbers. This is known as address filtering. Firewalls can also filter specific types of network traffic. This is also known as protocol filtering because the decision to forward or reject traffic is dependent upon the protocol used, for example http, ftp or telnet. Firewalls can also filter traffic by packet attribute or state.

Using firewalls, you can also restrict the access of the computer users within a network and thus have different user level access with in the same network. Since this is an advanced kind of a security system, it also has the feature of logging any illegal attempts to enter the network and can also trigger alarms in case of such activities. Though these features may not be available in some firewalls, yet it is a great feature, which can inform about the attempt of intrusion in most expressive way.

As far as the working of the firewall system is concerned, there are basically two methodologies used by firewalls, which are known as access denial method. A firewall may allow all traffic through unless it meets certain criteria or may deny traffic unless it meets certain criteria.

Firewalls may be concerned with the type of traffic or with source or destination addresses and ports. They may also use complex rule bases that analyse the application data to determine if the traffic should be allowed or not. How a firewall determines what traffic to let through depends on which network layer it operates at.

However, like any other man-made system in the world, even the firewalls have certain limitations. Thus, if the firewall is bypassed altogether, then an individual user, using the dial-up option can dial in or out of the network using a modem. This may not be called a limitation of the firewall as it may arise out of mischief of the employees or any user. If the use of dial-up connectivity using the modem is not allowed as is also not defined by the firewall, then an attempt to connect to any outside network may pose a security threat, which should not be attributed to the firewalls. Firewalls though support dial-up connectivity also, but if you bypass the firewall, then it is as good as sitting in a house with no fences and gates. In fact, there are effective firewalls available for individual computers, which work on the dial-up connections using the modems, but in order to stay secured, one should not bypass the security network of firewall.

Firewalls are helpless in case of misuse of passwords and also the misuse of user accounts. Since in these cases various levels of security could be provided to the users, any misuse or hacking of passwords or user account may render a firewall helpless. However, in all such cases, the limitation is not solely of the firewall system but its implementation and management is also equally important Thus, precisely these limitations could be termed as the limitations of management and the systems and not necessarily of the firewall.

So, now you must have seen that a firewall is a basically a must-have for accessing the outside network, specially the Internet. Thus, it could be a basic necessity for anyone who accesses the Net and also has vital data on his computer. It will be wrong to say that the firewall is made for large corporates and organisations having big computer networks.

There are many effective personal firewalls available for individual PC users, which are also cost-effective. Many sites are available on the Internet, which lures a surfer to visit them and once a person logs on to this site, the hacker may attack his computer through the security holes in his browser or through other mediums. Thus, it will be incorrect to assume that individual PC users are not potential targets of hackers. In fact, they are softer targets and can be hacked easily. So, the firewalls are basically for everybody and with the growing menace of cyber crimes it will be the order of the day in the time to come.

— Vishal Verma