Definition
Firewalls protect your PC from outside attacker and hackers by establishing a protection wall in your computer or network from malicious or unnecessary Internet traffic. Firewalls can be configured to block data from certain locations while allowing the necessary data through. Firewall is very important especially for users who rely on "always on" connections such as cable or DSL modems. A personal computer connected to internet without a firewall can be hijacked in a minute. A firewall can block malware which can scan your computer for a weak point and then break in to using that.

How firewall protects?
All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks whether it meets the specified security criteria. If it does, it is routed between the networks, otherwise it is stopped. A firewall filters both inbound and outbound traffic. It can also manage public access to private networked resources such as host applications. It can be used to log all attempts to enter the private network and trigger alarms when hostile or unauthorized entry is attempted.

firewall techniques
Firewall uses different strategies to block unauthorized datas from accessing our internal network. Some of those techniques are:
Packet Filter
The firewall looks at each packet for 3 things, the source IP address, the destination IP address and the destination port. This information basically tells where the request came from, where it wants to go and what it wants to do. It looks at the "rule book" to determine if it's ok or not. After reading the rule book, it determines whether to accept or deny.
Application Gateway
Through this system, specific applications like FTP and Telnet servers can apply security mechanism.
Circuit Level Gateway
While establishing a TCP or UDP connection the circuit level gateway applies a security mechanism.
Proxy servers
Through this the network address could be hidden. The proxy server captures all messages entering and leaving the network.

Types of Firewalls
hardware Firewall
A hardware firewall is usually a small box that sits between a modem and a computer or network. Hardware firewalls can be purchased as a stand-alone product. But more recently hardware firewalls are typically found in broadband routers, and should be considered an important part of your system and network set-up, especially for anyone on a broadband connection. Hardware firewalls can be effective with little or no configuration, and they can protect every machine on a local network. Most hardware firewalls will have a minimum of four network ports to connect other computers.
-Cisco PIX
-SonicWall
-Nokia
-NetScreen
-Watchguard

Software Firewall
For individual home users, the most popular firewall choice is a software firewall. Software firewalls are installed on your computer (like any software) and you can customize it; allowing you some control over its function and protection features. A software firewall will protect your computer from outside attempts to control or gain access your computer, and, depending on your choice of software firewall, it could also provide protection against the most common Trojan programs or e-mail worms. The downside to software firewalls is that they will only protect the computer they are installed on, not a network, so each computer will need to have a software firewall installed on it.
-Microsoft ISA Server
-CheckPoint FW-1
-Norton Personal Firewall from Symantec [retail]
-Norton Internet Security 2007 or Norton 360 from Symantec
-Sunbelt/Kerio Personal Firewall [freeware & retail versions]
-ZoneAlarm ProZoneAlarm Pro from CheckPoint [retail & free versions]
-ZoneAlarm Internet Security SuiteZoneAlarm Internet Security Suite
-Comodo Personal Firewall [freeware]

Benefit of Hardware Firewall
Not like software firewall, hardware firewall protects your entire network. Before the packets even come into contact with your internal network, they are processed. Bad packets can't affect your system or the servers. This leaves the resources on your server or PC free to carry out its own role.

Choosing a firewall
As stated in the document above each type of firewall has got its own strong and weak points. The concept of choosing a firewall is included several things. The concept of choosing a firewall is not only evaluating what the best product is. We should mainly consider on following things.
A firewall implements a security
If you do not have a security policy choosing a firewall is a very hard exercise. If you are doing an emergency implementation where there were no protection previously and the risk needs to be addressed immediately make sure to prioritize the development of such a policy. This does include change control, which is key to firewall management. There should be clear guidelines as to what is allowed and what is not on policy level.
Cost Considerations
When you compare the costs of different firewalls, you need to take into account any of the extra cost features that you need to implement. If you don't need Web caching, it might cost less to buy a SonicWall box than to buy a PC plus the Windows server operating system plus ISA Server. On the other hand, if you DO need caching and you already have an extra box on which ISA can be installed, this might be much more cost effectively than buying the SonicWall plus a Web caching server or appliance.


Tips for Home PC users
*Using a personal firewall is vital no what method you use to connect to the Internet, whether it be with a cable modem, Dial-Up modem, or DSL modem.
*If your PC is not guarded when you are surfing the internet, hackers can get entry to your computer and get access to your personal data on your computer system.
*A personal firewall helps to block out many different types of malicious programs and Internet traffic prior to it reaching your system.
*Some computer firewalls can also assist in preventing other users from using your PC to attack other systems without your approval.
*A computer firewall software will not make your PC or computer totally safe. However, a personal firewall provides the most helpful initial line of protection.

References
http://firewall.com/
http://www.freebsd.org/handbook/firewalls.html<
http://www.servershed.com/<
http://www.pc4safe.com<

About the Author

Admin http://www.pc4safe.com