As we write these blogs and get a good collection, we often get questions back. We love that our blogs are opening communication. We especially like it when the questions have nothing to do with the blog they are reading. Recently, a reader asked about Firewalls.
The term “Firewall” can be confusing – There is a piece of hardware called a firewall. Windows include software called a firewall, as well as other 3rd party firewall software installed on your computer. By definition, a firewall is a part of a computer system or network designed to block unauthorized access while permitting outward communications. As we mention, it is either software or hardware based. To keep this blog from getting too technical, we are going to limit it to a hardware firewall.
So, what is a hardware firewall? The core function of a firewall is to route communications, which means a router. Let’s start with the router’s job. Connecting two different networks and allow them to talk is the router’s responsibility. For our Techy Readers, this involves the specifics of IP addresses and subnetting, but that’s a little deeper conversation than most of you want, so let’s keep it simple. (If you want those techy details, I bet a cup of coffee would get Jay to bore you…I mean educate you as much as you wish. 🙂 )
We will start with the office. You have a network in your office that all your computers, printers, and other network devices connects into. For your computer to send a file to the printer, they must be on the same network. That allows them to “talk” with one another. But rarely do we stay within our own little network; after all there is a whole World Wide Web out there.
Let’s assume you are using Comcast as your Internet provider (Trust me, this is not an endorsement or recommendation – But since it’s a common provider, we will use it for this example). When you connect to Comcast, you are now on a different network than your internal office network, but just like you backing your car out of the driveway to the street, there needs to be a way to enter that network and find what you’re looking for. A router is the device that controls traffic and creates the route to leave your internal network. The Internet is a collection of different routes (or routers) that connect many networks all together. Think of this as the streets, highways, and Interstates that allows you to travel from Maine to the Bay of California by car.
Now, you’re sitting at your computer, and you want to read the latest Techno Advantage blog, because you know it’s awesome and educational! : ) So, you open your browser to Google.com, and type in ‘Techno Advantage blog’. Your router sees that this is outside your local network, so it sends the request to Comcast. But for conversation, we’ll say Comcast doesn’t have the info. So, Comcast sends a request through a Gateway Router to AT&T (for example purposes), and so on, until our awesome blog loads up on your home computer.
Earlier, I mentioned backing your car out of the driveway to the street in front of your house, let’s say you are driving from your house to Chicago. You have a route, starting by backing out of the garage. You follow a few city streets, take an onramp to I-465, merge from I-465 to I-65 North, and follow it to Chicago. In this discussion, the exit ramps are the routers in this scenario. Every time you change from one street or Interstate to a different one would be a router directing the traffic to a new network.
So now that you know so much about Routers, let’s get to what you really asked about – Firewalls. The router is smart; it controls the traffic flow, but the firewall block incoming traffic. Thinking of our Chicago trip, the firewall is your garage door. With the right garage door opener or code, you drive right in. But with the wrong code, it stays closed and secured. Without a good firewall, all the traffic in front of your house can see everything in your garage when the door is up. In fact, someone could walk right up the driveway into your house. Without a firewall, it might be like living in a glass house, where everyone sees what you do and own. Now, I don’t want the world to know when I am out of the house and there’s a big screen TV or the latest “toy” inside. Someone might think “I can just walk away with it and no one would know” if the door is standing open.
A Firewall will do this for your network. It not only blocks incoming traffic but also puts a privacy fence around the entire perimeter with a guard post watching everyone as they come in or go out. New monitored firewalls take the traffic control a step up – it can deny access to outgoing traffic as well as incoming, if needed. Your company decided the employees were spending too much time on their personal Facebook pages, so their monitored firewall stops outgoing traffic to Facebook. But your marketing department runs social media campaigns, so the monitored firewall allows only that traffic to cross through, either by username or originating computer (IP address).
These smart Monitored Firewalls can even stop phishing attacks. An email from your bank looks like there’s an issue, and gives a link to log in, but it goes to a site in Pakistan instead. The firewall will say “Hey, I don’t like this address. I think it’s malicious, so it’s blacklisted”, and the access Denied. A firewall has more features, but this gives you the most important job.
Here at Techno Advantage, we have partnered up with Calyptix firewall. We found they are a great fit with our small business clients. They offer a monthly affordable subscription with backed up and daily updates. The blacklist changes constantly; the bad guys are always on the move. Firewalls come in various brands – with increased complexity and abilities, as well as price. Firewalls work hand in hand with creating VPN connections, both between offices, and/or end users.
Hopefully, this has answered your question, giving you a rough idea of what a firewall is, and how it could benefit your business. If you have further questions don’t hesitate to reach out and ask one of our guys how a firewall would protect your business. We are here to help and educate.