Firewall
A firewall is a system that controls network traffic according to a set of rules and protects the network behind it.
01 What is a Firewall?
A firewall works like a "security gate":
- Examines incoming and outgoing traffic
- Allows or blocks based on rules
- Prevents unauthorized access
```
Internet → [Firewall] → Internal Network
               ↓
             Rules:
             ✓ Port 80  (HTTP)   - Allow
             ✓ Port 443 (HTTPS)  - Allow
             ✗ Port 23  (Telnet) - Block
```
02 Firewall Types
1. Packet Filtering Firewall
- Simplest type
- Looks at IP address and port number
- Fast but basic
2. Stateful Firewall
- Tracks connection state
- Makes smarter decisions
- "Is this packet part of an existing connection?"
3. Application Layer Firewall
- Control at the application level
- Analyzes application content such as HTTP and FTP
- Most detailed control
4. Next-Generation Firewall (NGFW)
- Combines all features
- IPS, antivirus, SSL inspection
- Modern enterprise solution
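The difference between a packet-filtering firewall and a stateful one is easiest to see in code. The following is an added example, not part of the original page: a minimal connection tracker that answers the question "Is this packet part of an existing connection?" for TCP. The internal address range, the packet fields and the sample traffic are all constructed for the illustration.

```python
"""Minimal stateful packet filter (added illustration, not from the original page).

Assumed policy: hosts inside 10.0.0.0/8 may open TCP connections to the outside.
A packet arriving from outside is accepted only if it answers a connection the
firewall has already seen an inside host start; everything else is dropped.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.0.0.0/8")   # assumed internal network


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    syn: bool = False   # TCP SYN flag: a new connection attempt
    ack: bool = False   # TCP ACK flag: part of an ongoing exchange


class StatefulFirewall:
    def __init__(self):
        # Connection table: (inside_ip, inside_port, outside_ip, outside_port)
        self.connections = set()

    @staticmethod
    def _is_internal(ip):
        return ip_address(ip) in INTERNAL

    def handle(self, pkt):
        """Return 'ALLOW' or 'DROP' for one packet and update the connection table."""
        if self._is_internal(pkt.src_ip) and not self._is_internal(pkt.dst_ip):
            key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
            if pkt.syn and not pkt.ack:
                # Outbound SYN: the inside host opens a new connection; start tracking it.
                self.connections.add(key)
                return "ALLOW"
            # Other outbound packets are allowed only for connections already tracked.
            return "ALLOW" if key in self.connections else "DROP"

        if not self._is_internal(pkt.src_ip) and self._is_internal(pkt.dst_ip):
            # Inbound: accept only if it matches a connection opened from inside.
            key = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
            return "ALLOW" if key in self.connections else "DROP"

        # Traffic that is neither inside→outside nor outside→inside is not our concern here.
        return "DROP"


def demo():
    """Run constructed sample traffic through the filter and return the decisions."""
    fw = StatefulFirewall()
    # Constructed traffic: inside host 10.0.0.5 opens HTTPS to 203.0.113.10.
    out_syn = Packet("10.0.0.5", 51000, "203.0.113.10", 443, syn=True)
    reply = Packet("203.0.113.10", 443, "10.0.0.5", 51000, syn=True, ack=True)
    # Same server and source port, but no inside host ever opened this connection.
    stray = Packet("203.0.113.10", 443, "10.0.0.5", 51001, ack=True)
    # Unsolicited inbound connection attempt to SSH on the inside host.
    unsolicited = Packet("198.51.100.7", 4444, "10.0.0.5", 22, syn=True)
    return [fw.handle(p) for p in (out_syn, reply, stray, unsolicited)]
```

A simple packet filter that only looks at addresses and ports would have to allow every inbound packet with source port 443 to let the HTTPS reply through. The stateful filter above admits only the reply to the connection it saw the inside host open, and drops the other two inbound packets even though one of them also comes from port 443.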
03 Firewall Rules
Example Rule Table:
| Order | Source | Destination | Port | Action |
|---|---|---|---|---|
| 1 | Any | Web Server | 80, 443 | Allow |
| 2 | Admin PC | Any | Any | Allow |
| 3 | Any | Any | 22 | Deny |
| 4 | Any | Any | Any | Deny |
Rule Logic:
- Rules are checked in order, from top to bottom
- The first matching rule is applied and no later rule is consulted
- The last rule is a catch-all: "Deny All" is the default for anything not explicitly allowed
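The rule table above can be encoded directly and evaluated with first-match semantics. This is an added example and not code from the original page; the addresses behind "Web Server" and "Admin PC" are constructed so that packets can be matched on IP, and the helper names (`evaluate`, `swapped`) are this example's own.

```python
"""First-match evaluation of the four-rule table from the section above.
Added illustration, not from the original page. Host addresses are constructed."""
from dataclasses import dataclass

# Assumed address book mapping the table's named hosts to constructed IPs.
HOSTS = {"Web Server": "192.0.2.10", "Admin PC": "10.0.0.50"}


@dataclass(frozen=True)
class Rule:
    source: str         # "Any" or a host name from HOSTS
    destination: str    # "Any" or a host name from HOSTS
    ports: frozenset    # destination ports; an empty set means "Any"
    action: str         # "Allow" or "Deny"

    def matches(self, src_ip, dst_ip, dst_port):
        src_ok = self.source == "Any" or HOSTS[self.source] == src_ip
        dst_ok = self.destination == "Any" or HOSTS[self.destination] == dst_ip
        port_ok = not self.ports or dst_port in self.ports
        return src_ok and dst_ok and port_ok


# The table from the page, in its stated order.
RULES = [
    Rule("Any",      "Web Server", frozenset({80, 443}), "Allow"),   # 1
    Rule("Admin PC", "Any",        frozenset(),          "Allow"),   # 2
    Rule("Any",      "Any",        frozenset({22}),      "Deny"),    # 3
    Rule("Any",      "Any",        frozenset(),          "Deny"),    # 4: default deny all
]


def evaluate(rules, src_ip, dst_ip, dst_port):
    """Return (action, rule_number) for the first rule that matches the packet.

    rule_number is the 1-based position in the list, i.e. the table's "Order"
    column. If somehow nothing matches, the implicit default is still Deny.
    """
    for number, rule in enumerate(rules, start=1):
        if rule.matches(src_ip, dst_ip, dst_port):
            return rule.action, number
    return "Deny", None


def swapped(rules, i, j):
    """Return a copy of the rule list with positions i and j exchanged,
    used to show that rule order changes the decision."""
    rules = list(rules)
    rules[i], rules[j] = rules[j], rules[i]
    return rules


if __name__ == "__main__":
    # Constructed packets: an outside host 198.51.100.7 and the admin PC.
    print(evaluate(RULES, "198.51.100.7", HOSTS["Web Server"], 443))   # ('Allow', 1)
    print(evaluate(RULES, HOSTS["Admin PC"], HOSTS["Web Server"], 22))  # ('Allow', 2)
    print(evaluate(RULES, "198.51.100.7", HOSTS["Web Server"], 22))    # ('Deny', 3)
    print(evaluate(RULES, "198.51.100.7", HOSTS["Web Server"], 8080))  # ('Deny', 4)
    # With rules 2 and 3 exchanged, the admin's SSH session is denied by the
    # port-22 rule before the "Admin PC → Any" rule is ever reached.
    print(evaluate(swapped(RULES, 1, 2), HOSTS["Admin PC"], HOSTS["Web Server"], 22))  # ('Deny', 2)
```

The last call is the point of "first matching rule is applied": the same packet and the same four rules produce the opposite decision once the order changes, so a rule review has to read the table top to bottom rather than as an unordered set.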
04 Software vs Hardware Firewall
| Feature | Software Firewall | Hardware Firewall |
|---|---|---|
| Where? | On computer | At network edge |
| Protection | Single device | Entire network |
| Example | Windows Firewall | Cisco ASA, Fortinet |
| Cost | Low/free | High |
| Management | Easy | Expertise needed |
05 DMZ (Demilitarized Zone)
A separate network zone for servers that must be reachable from the outside:
```
Internet → [Firewall] → DMZ → [Firewall] → Internal Network
                         ↓
                    Web Server
                    Mail Server
```
- Servers in the DMZ are accessible from the internet
- But they cannot initiate connections into the internal network
- If a DMZ server is compromised, the internal network stays protected behind the second firewall
06 Summary
- Firewall = Network security gate
- Filters incoming/outgoing traffic
- Rules applied in order
- DMZ isolates external servers