Q14.) What is a Firewall?
A14.) A firewall is a dedicated hardware device, or software program running on another computer, which inspects network traffic passing through it, and denies or permits passage based on a set of rules.
A firewall's main task is to regulate the flow of traffic between computer networks of different trust levels. For example, the Internet is a zone with no trust, while an internal network is a zone of higher trust. A zone with an intermediate trust level, situated between the Internet and a trusted internal network, is often referred to as a "perimeter network" or a Demilitarized zone (DMZ).
A firewall's role within a network resembles that of firewalls with fire doors in building construction. In a network, it is used to prevent intrusion into the private network. In a building, it is intended to contain a structural fire and delay it from spreading to nearby structures.
Without proper configuration, a firewall can often become worthless. Standard security practices dictate a "default-deny" firewall ruleset, in which the only network connections which are allowed are the ones that have been explicitly allowed. Unfortunately, such a configuration requires detailed understanding of the network applications and endpoints required for the organization's day-to-day operation. Many businesses lack such understanding, and therefore implement a "default-allow" ruleset, in which all traffic is allowed unless it has been specifically blocked. This configuration makes inadvertent network connections and system compromise much more likely.
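The difference between the two rulesets, shown as an added example that is not part of the original FAQ: a first-match rule evaluator run over constructed flows. The addresses, ports and both rule sets are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # source network, CIDR
    dst: str               # destination network, CIDR
    port: Optional[int]    # destination TCP port, None = any port

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    port: int

def matches(rule, flow):
    return (ipaddress.ip_address(flow.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(flow.dst) in ipaddress.ip_network(rule.dst)
            and rule.port in (None, flow.port))

def decide(rules, default, flow):
    """First matching rule wins; traffic no rule mentions gets the default."""
    for rule in rules:
        if matches(rule, flow):
            return rule.action
    return default

def unintended(allow_rules, block_rules, flows):
    """Flows the default-allow set passes but the default-deny set refuses."""
    return [f for f in flows
            if decide(block_rules, "allow", f) == "allow"
            and decide(allow_rules, "deny", f) == "deny"]

# Constructed example: Internet -> DMZ web server, internal -> outbound HTTPS.
DEFAULT_DENY_RULES = [Rule("allow", "0.0.0.0/0", "192.0.2.10/32", 443),
                      Rule("allow", "10.0.0.0/8", "0.0.0.0/0", 443)]
# Constructed example: a blocklist naming only the ports someone thought of.
DEFAULT_ALLOW_RULES = [Rule("deny", "0.0.0.0/0", "10.0.0.0/8", 23),
                       Rule("deny", "0.0.0.0/0", "10.0.0.0/8", 445)]
FLOWS = [Flow("198.51.100.7", "192.0.2.10", 443),   # public web traffic
         Flow("198.51.100.7", "10.0.0.5", 445),     # blocked by both sets
         Flow("198.51.100.7", "10.0.0.5", 3389),    # not on the blocklist
         Flow("10.0.0.5", "203.0.113.9", 6667),     # unexpected outbound
         Flow("10.0.0.5", "203.0.113.9", 443)]      # normal outbound HTTPS

if __name__ == "__main__":
    for f in unintended(DEFAULT_DENY_RULES, DEFAULT_ALLOW_RULES, FLOWS):
        print("passes only under default-allow:", f)
```

Running the same comparison against a sample of real flow logs is a quick way to see which connections a blocklist-style ruleset is passing simply because nobody listed them.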