Firewalls are commonplace now within corporate and even residential network environments. It is important to understand them and take a deeper look at firewalls. Corporations create a set of rules based on their security enabled network policy that determines what information can be accessed on the corporate network by all end users.
Firewalls have several ways of controlling traffic to and from the internal corporate network. Packet filtering is one method that firewalls use to process traffic in and out of the secure network. The firewall has a rules base that it matches the packet’s header information again to decide whether or not that traffic stream is allowed. If those packets match a set of rules that the firewall allows, then that traffic is allowed to pass through the firewall. If it not specifically allowed, (again, depending on the rules base) then generally the firewall denies the traffic.
Another way that firewalls can filter traffic is by using a proxy service. In this way, a firewall retrieves information from the web on behalf of the internal network nodes and then passes the information to the requesting computer.
A more advanced method that most modern firewalls now use today is called stateful packet inspection. This method is like packet filtering on steroids. It looks at the packet deeper and examines data within the actual packet and compares that data from trusted sources on the internet to ensure that the data does not have malicious intent. If the packet data is known to be malicious, then the firewall blocks the packet stream regardless of whether the packet matches the rules base of the firewall.
The methods that you choose to put in place in your network all depends on your security enabled network policy. Regardless of what method you decide on, be sure to take all aspects of network security into consideration and close off any open holes that are not required to be open on your firewall.