To answer that question, some networking background information must first be outlined. I will try not to get too technical in this area by simplifying the explanations and examples. When information is sent across the internet or a network, there are two very basic items that are required to make sure the information gets where it is intended to go and processed properly. They are:
- An address - An address is basically an indicator which enables data intended for a computer to locate it. It is similar to an address on a letter which is used by the postal service to find the right house number that a letter in being sent to. Each computer has an address which is used to locate it when information is being sent to it.
- A port - A port is a networking reference number used with the TCP/IP networking protocol which associates network packets (information sent over the network) with services or application programs. The port number helps indicate which program running on a receiving computer will process the information received.
To put it simply, there are two main types of firewalls. They are:
- Packet filtering
- Application Firewall
Packet Filtering Firewall
Generally and simply put, a packet filtering firewall examines the ports that the information is intended for and will either allow the information to be sent through or prevent the information from getting to the computer and specific program that may have processed it.The firewalls I refer to as corporate firewalls are used to protect what is called a private network. A private network is a special network which is hidden behind one network device (usually a firewall). The firewall may use only one address on the internet or only a handful of addresses on the internet while there are hundreds or thousands of computers behind the firewall on the corporate network. The figure below illustrates this. Each small box represents a computer which may be a computer used by an employee of the organization that owns the network.
No comments:
Post a Comment