A firewall protects
your local area network (LAN) — or even a single computer — against
outside intrusion. Firewalls work as filters between the outside world
and private networks, approving some types of traffic (such as when
someone accesses a Web page) and blocking others (when unauthorized
users attempt to access your network).
The term "firewall" doesn't actually refer to any one device. A firewall
could be either a piece of hardware or software, and more than one type
of firewall can be used to provide extra network security.
There are two common
types of firewalls:
These firewalls apply predefined rules to filter the
chunks of data, or packets, that pass through it. The
filter accepts or rejects packets based on the
originating computer's network address or other
characteristics. The packet filter might be a computer
or part of a separate piece of hardware, such as a
Also known as gateways, a proxy server acts as a
middleman that relays data between a network and the
outside world. The proxy prevents outsiders from
gathering information about computers inside a network.
The proxy can also screen packets based on their
application type (Web access or email, for example) or
other identifying traits.
A firewall can also screen internal traffic on a
network, separating different departments or branches of
a large company. In some cases, a business will
configure a proxy server to block employee access to
certain types of Internet content, such as streaming
audio or video.
Security Issues When Connecting to the Internet
When you connect your private network to the Internet,
you are physically connecting your network to well over
50,000 unknown networks and all of their users. While
such connections open the door to many useful
applications and provide great opportunities for
information sharing, most private networks contain some
information that should not be shared with outside users
on the Internet. In addition, not all Internet users are
involved in lawful activities. These two statements
foreshadow the key questions behind most security issues
on the Internet:
How do you protect confidential information from those
who do not explicitly need to access it?
How do you protect your network and its resources from
malicious users and accidents that originate outside of