How Information Packets Work With a Firewall
With new and emerging criminal activity popping up every day on the Internet, securing a network with a firewall is quickly becoming an absolute necessity. Whether the network is for a large corporation or it is your home network, it is worth the time and investment to set up the proper security measures.
A firewall works by allowing and disallowing information packets from the Internet to be transmitted to and from the network. Not only does the firewall keep the bad guys out, it also sets rules for clients on the network as to how they communicate with websites. This method secures information that is traveling to and from the Internet because the firewall inspects all of the packets of information that pass from the network to the Internet and vice versa.
There are several different types of firewalls that have different classifications to meet the different needs of a network. The two most common methods of firewalling a network are called packet filtering and packet inspection.
A packet filtering firewall inspects the headers of the information packets, looking for the source of the packet as well as the destination address and port number. The IT administrator then sets rules that are derived from the combination of these header components.
To make the explanation easier for non-IT people, information packets on a network are similar to snail mail correspondence in that they have the content and a destination address, which together make up the entire information package. The packet filtering component of the firewall reads the address of the destination where the information packet is to be sent and then decides whether or not to filter the packet.
- Port Numbers: Port numbers are used to identify the type of information packets that are being sent, such as an email information packet or a website information packet. Separating traffic by port makes it easier for the firewall to filter out unwanted information.
A packet filtering system on a firewall can be somewhat limited in its capability: because it is capable of inspecting only a limited amount of information, more often than not it has difficulty determining whether information packets are expected or inappropriate.
Stateful Packet Inspection
This type of firewall protection is different from packet filtering because it inspects all of the components of information packets. In addition, it establishes rules that are based on the client that is trying to make a connection and the current status of the connection. It then maintains a log of all network activity, which it uses to tighten firewall security with solid rules.
Stateful Packet Inspection processes a wide variety of information before permitting the client to communicate. This is what makes this type of firewall much more secure than packet filtering ones.
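The difference between the two methods can be shown side by side. The following is an added example, not part of the original article: a header-only filter and a connection-tracking filter judge the same three packets. The addresses, ports, rule set and names (`Packet`, `stateless_allow`, `StatefulFirewall`) are constructed for illustration.

```python
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    inbound: bool  # True = Internet -> network

LAN_PREFIX = "192.168.1."  # constructed internal network

def stateless_allow(p: Packet) -> bool:
    """Packet filtering: decide from header addresses and ports alone."""
    if not p.inbound:
        return p.dport in (80, 443)  # clients may reach websites
    # Web replies must be let back in, and the header alone cannot show
    # whether a reply was requested, so the rule has to be this broad.
    return p.sport in (80, 443) and p.dst.startswith(LAN_PREFIX)

class StatefulFirewall:
    """Stateful inspection: inbound packets must match a tracked connection."""
    def __init__(self):
        self.connections = set()  # flows opened by clients on the network
        self.log = []             # record of every decision

    def allow(self, p: Packet) -> bool:
        if not p.inbound:
            ok = p.dport in (80, 443)
            if ok:
                self.connections.add((p.src, p.sport, p.dst, p.dport))
        else:
            # Expected only if it is the reverse of a flow a client opened.
            ok = (p.dst, p.dport, p.src, p.sport) in self.connections
        self.log.append((p, "ALLOW" if ok else "DROP"))
        return ok

# Constructed traffic: a client request, its reply, and an unrequested packet
# that merely claims source port 443.
request = Packet("192.168.1.10", 51000, "203.0.113.5", 443, inbound=False)
reply = Packet("203.0.113.5", 443, "192.168.1.10", 51000, inbound=True)
unsolicited = Packet("198.51.100.7", 443, "192.168.1.20", 51999, inbound=True)

def compare():
    """Return {name: (packet_filter_verdict, stateful_verdict)}."""
    fw = StatefulFirewall()
    traffic = [("request", request), ("reply", reply), ("unsolicited", unsolicited)]
    return {name: (stateless_allow(p), fw.allow(p)) for name, p in traffic}

if __name__ == "__main__":
    for name, verdicts in compare().items():
        print(name, verdicts)
```

Both filters pass the request and its reply, but only the stateful one drops the unrequested packet, because no client on the network opened that connection.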