
Network filtering and firewalls

Network filtering happens at the network protocol level and can be performed on routers and firewalls by analyzing the headers of IP packets and allowing or denying forwarding based on source or destination address, protocol type, TCP port number, packet length, etc. By blocking packets based on network address information and protocol type, network filters can prevent unauthorized access even before an unauthorized user tries to authenticate or a hacker attempts to launch an attack.

Firewalls are devices that enforce access policies between two networks by performing network packet filtering. In addition to looking at IP headers, most firewalls are also aware of data payload and can test application type and message content for patterns of traffic to deny/allow access.

For example, firewalls can be configured to allow only e-mail traffic through them, thereby protecting the network against any attacks other than attacks against the e-mail service.

A firewall is also important as a single audit point. It provides important logging functions and can often provide summaries to the administrator about what kinds and levels of traffic passed through it, how many attempts there were to break into it, etc.

While firewalls are important components of a security system, they cannot maintain security alone. Firewalls need to be part of a comprehensive set of security policies and are only one layer of protection to secure the perimeter of the network.

Firewalls cannot protect against attacks that do not go through them and are usually ineffective at protecting against attacks launched from within the network. Firewalls are usually ineffective against viruses and attacks launched through a tunneled protocol.
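To make the header-based filtering, the e-mail-only policy and the audit counters described above concrete, here is a small first-match packet filter written as an added example for this page (not code from the original article). The addresses, the rule set and the `Packet`/`Rule`/`PacketFilter` names are all constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from collections import Counter
from typing import Optional

@dataclass(frozen=True)
class Packet:
    """The IP/TCP header fields a network-level filter inspects (constructed; no payload)."""
    src: str
    dst: str
    proto: str          # "tcp", "udp" or "icmp"
    dport: int = 0      # destination port; 0 for protocols without ports
    length: int = 0     # total packet length in bytes

@dataclass
class Rule:
    action: str                      # "allow" or "deny"
    src: str = "0.0.0.0/0"           # CIDR; the default matches any address
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None      # None matches any protocol
    dport: Optional[int] = None      # None matches any port
    max_len: Optional[int] = None    # None imposes no length limit

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and (self.proto is None or self.proto == p.proto)
                and (self.dport is None or self.dport == p.dport)
                and (self.max_len is None or p.length <= self.max_len))

class PacketFilter:
    """First-match evaluation; anything no rule allows is denied and counted for audit."""
    def __init__(self, rules):
        self.rules = list(rules)
        self.audit = Counter()       # (action, proto, dport) -> packet count

    def decide(self, p: Packet) -> str:
        for r in self.rules:
            if r.matches(p):
                self.audit[(r.action, p.proto, p.dport)] += 1
                return r.action
        self.audit[("deny", p.proto, p.dport)] += 1   # default deny
        return "deny"

# Hypothetical e-mail-only policy using RFC 5737 documentation addresses: SMTP to the mail
# host from anywhere, IMAPS to it only from the internal LAN, everything else denied by default.
# Headers only are checked, so a tunneled protocol carried inside TCP port 25 still passes.
EMAIL_ONLY = PacketFilter([
    Rule("allow", dst="203.0.113.25/32", proto="tcp", dport=25),
    Rule("allow", src="10.0.0.0/8", dst="203.0.113.25/32", proto="tcp", dport=993),
])
```

The `audit` counter is the filter's "single audit point": after a run it summarises which rules fired and how much traffic was dropped by the default deny.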

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website building and web hosting when DHTML and frames were en vogue and started writing about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium. Following an eight-year stint at ITProPortal.com where he discovered the joys of global tech-fests, Désiré now heads up TechRadar Pro. Previously he was a freelance technology journalist at Incisive Media, Breakthrough Publishing and Vnunet, and Business Magazine. He also launched and hosted the first Tech Radio Show on Radio Plus.