Firewalls are network devices which enforce an organization's security policy. Since their development, various methods have been used to implement firewalls. These methods filter network traffic at one or more of the seven layers of the ISO network model, most commonly at the application, transport, and network, and data-link levels. In addition, researchers have developed some newer methods, such as protocol normalization and distributed firewalls, which have not yet been widely adopted. Firewalls involve more than the technology to implement them. Specifying a set of filtering rules, known as a policy, is typically complicated and error-prone. High-level languages have been developed to simplify the task of correctly defining a firewall's policy. Once a policy has been specified, the firewall needs to be tested to determine if it actually implements the policy correctly. Little work exists in the area of firewall theory; however, this article summarizes what exists. Because some data must be able to pass in and out of a firewall, in order for the protected network to be useful, not all attacks can be stopped by firewalls.
The most basic classification of firewalls falls into Hardware firewalls and Software firewalls. Hardware firewalls are considered to be external to the system whereas Software firewalls as internal.
· Hardware Firewalls: Hardware firewalls are normally situated between your network and the connecting cable/modem. These are external hardware devices usually called as Network firewalls. Many a times, network devices called ‘Routers’ include firewall security. Hardware firewalls provide high external level of defense from intrusions since they are separate devices and possess their own operating environment, offering an extra line of defense. Use of Software firewalls become less important if a strong Hardware firewall is implemented. The main fallback for Hardware firewall is they are quite expensive as compared to Software firewalls.
· Software Firewalls: Software firewalls are basically software components internal to your computer system. They work hand-in-hand with the computer’s operating system. Nowadays, many operating systems are shipped with an inbuilt software firewall. Numerous firewall packages are available in the market developed by various companies. The disadvantage to software firewalls is that they will only guard the computer they are installed on, not the entire network. Hence, it necessitates every computer to have a software firewall installed on it. They are comparatively less expensive then the Hardware firewalls.