
Syntel CQA Forum Firewall CQA Doc No 31

Firewall - a security system to protect a networked server or computer from
intentional or accidental damage or unauthorized access; implemented by either
hardware (a dedicated gateway machine) or software (defensive coding).

A firewall is a set of related programs, located at a network gateway server, that
protects the resources of a private network from users from other networks. (The term
also implies the security policy that is used with the programs.) An enterprise with an
intranet that allows its workers access to the wider Internet installs a firewall to
prevent outsiders from accessing its own private data resources and for controlling
what outside resources its own users have access to.

Basically, a firewall, working closely with a router program, examines each network
packet to determine whether to forward it toward its destination. A firewall also
includes or works with a proxy server that makes network requests on behalf of
workstation users. A firewall is often installed in a specially designated computer
separate from the rest of the network so that no incoming request can get directly at
private network resources.

There are a number of firewall screening methods. A simple one is to screen requests
to make sure they come from acceptable (previously identified) domain names and
Internet Protocol addresses. For mobile users, firewalls allow remote access into the
private network by the use of secure logon procedures and authentication certificates.
A number of companies make firewall products. Features include logging and
reporting, automatic alarms at given thresholds of attack, and a graphical user
interface for controlling the firewall.

A firewall protects a computer network from unauthorized access. Firewalls may be
hardware devices, software programs, or a combination of the two. A firewall typically
guards an internal network against malicious access from the outside; however,
firewalls may also be configured to limit access to the outside from internal users.

Perhaps the most familiar form of Internet firewall is a proxy server. Proxy servers act
as an intermediary between internal and external computers by receiving and
selectively blocking data packets at the network boundary. They also provide an extra
measure of safety by hiding internal LAN addresses from the outside. In a proxy server
environment, network requests from multiple clients appear to the outsider as all
coming from the same proxy server address.
Also Known As: proxy, gateway

In networking, a firewall could be described as a specially designed device that
controls the spreading of a network threat. The most commonly talked about source of
network threats is the Internet. The Internet is the home of many unknown people
that we cannot trust. There are hackers on the Internet that may want to do our
networks harm. We can use a firewall to impede an untrusted person from doing
damage to our networks.

A system designed to prevent unauthorized access to or from a private network.
Firewalls can be implemented in both hardware and software, or a combination of
both. Firewalls are frequently used to prevent unauthorized Internet users from
accessing private networks connected to the Internet, especially intranets. All
messages entering or leaving the intranet pass through the firewall, which examines
each message and blocks those that do not meet the specified security criteria.

There are several types of firewall techniques:


• Packet filter: Looks at each packet entering or leaving the network and
accepts or rejects it based on user-defined rules. Packet filtering is fairly
effective and transparent to users, but it is difficult to configure. In addition, it is
susceptible to IP spoofing.
• Application gateway: Applies security mechanisms to specific applications,
such as FTP and Telnet servers. This is very effective, but can impose a
performance degradation.
• Circuit-level gateway: Applies security mechanisms when a TCP or UDP
connection is established. Once the connection has been made, packets can
flow between the hosts without further checking.
• Proxy server: Intercepts all messages entering and leaving the network. The
proxy server effectively hides the true network addresses.

In practice, many firewalls use two or more of these techniques in concert.
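
The packet-filter technique listed above, together with its IP-spoofing weakness, as an added Python example that is not part of the original document: rules are evaluated first-match with default deny, and an ingress check rejects packets that arrive on the external interface claiming an internal source address. The 10.0.0.0/8 internal range, the interface names, the rules and the sample packet are constructed assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

INTERNAL_NET = ip_network("10.0.0.0/8")  # assumed private range (constructed)

@dataclass(frozen=True)
class Packet:
    iface: str   # interface the packet arrived on: "ext" or "int"
    src: str
    dst: str
    proto: str   # "tcp" or "udp"
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str                   # "accept" or "reject"
    src: str                      # CIDR the source address must fall in
    proto: Optional[str] = None   # None matches any protocol
    dport: Optional[int] = None   # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and self.proto in (None, p.proto)
                and self.dport in (None, p.dport))

# User-defined rules, evaluated top to bottom; the first match wins.
RULES = [
    Rule("accept", "10.0.0.0/8"),             # trust hosts by internal address
    Rule("accept", "0.0.0.0/0", "tcp", 443),  # public HTTPS service
]

def filter_packet(p: Packet, rules=RULES, anti_spoof: bool = True) -> str:
    # An internal source address cannot legitimately arrive on the external
    # interface, so reject it before any address-based rule can trust it.
    if anti_spoof and p.iface == "ext" and ip_address(p.src) in INTERNAL_NET:
        return "reject"
    for r in rules:
        if r.matches(p):
            return r.action
    return "reject"  # default deny: nothing matched

# Constructed sample: arrives from outside but claims an internal source.
SPOOFED = Packet("ext", "10.1.2.3", "10.0.0.5", "tcp", 23)

if __name__ == "__main__":
    print("address-only rules:", filter_packet(SPOOFED, anti_spoof=False))
    print("with ingress check:", filter_packet(SPOOFED))
```
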

A firewall is considered a first line of defense in protecting private information. For
greater security, data can be encrypted.
