Site hosted by Build your free website today!


A firewall is a dedicated appliance, or software running on another computer, which inspects network traffic passing

through it, and denies or permits passage based on a set of rules.

A firewall's basic task is to regulate some of the flow of traffic between computer networks of different trust levels.

Typical examples are the Internet which is a zone with no trust and an internal network which is a zone of higher trust.

A zone with an intermediate trust level, situated between the Internet and a trusted internal network, is often referred to

as a "perimeter network" or Demilitarized zone (DMZ).

A firewall's function within a network is similar to firewalls with fire doors in building construction. In the former case,

it is used to prevent network intrusion to the private network. In the latter case, it is intended to contain and delay structural

fire from spreading to adjacent structures.

Without proper configuration, a firewall can often become worthless. Standard security practices dictate a "default-deny" firewall ruleset,

in which the only network connections which are allowed are the ones that have been explicitly allowed. Unfortunately, such a configuration

requires detailed understanding of the network applications and endpoints required for the organization's day-to-day operation. Many businesses

lack such understanding, and therefore implement a "default-allow" ruleset, in which all traffic is allowed unless it has been specifically blocked.

This configuration makes inadvertent network connections and system compromise much more likely.