University of Sulaymany

College Basic Education

Computer Science Department
Stage 4
Group B

Firewall

Prepared by :
Zhilwan rahim
Ahmad Ismael
Supervisor by :
Mr .Karwan Mustafa Karem

2023 -[1]2024
Table of Contents
Introduction to Firewall .........................................................................................3

How does a firewall work? ......................................................................................4

Why are firewalls important? .................................................................................4

Top 5 Firewall Benefits ............................................................................................5

1. Monitors Network Traffic ...................................................................................5

2. Stops Virus Attacks .............................................................................................5

3. Prevents Hacking ................................................................................................5

4. Stops Spyware.....................................................................................................5

5. Promotes Privacy ................................................................................................6

Types of Firewall ......................................................................................................6

1.Packet-filtering Firewalls.....................................................................................7

2.Circuit-level Gateways ........................................................................................7

3.Application-level Gateways (Proxy Firewalls) ...................................................8

4.Stateful Multi-layer Inspection (SMLI) Firewalls ...............................................9

5.Next-generation Firewalls (NGFW) ....................................................................9

6.Threat-focused NGFW ......................................................................................10

7.Network Address Translation (NAT) Firewalls .................................................10

8.Cloud Firewalls .................................................................................................. 11

9.Unified Threat Management (UTM) Firewalls ................................................. 11

References ...............................................................................................................12

[2]
Introduction to Firewall

A firewall is a piece of software or hardware that filters all network traffic between
your computer, home network, or company network and the Internet. It is our
position that everyone who uses the Internet needs some kind of firewall protection.
This chapter tells you what a firewall does and sets down the basic questions that
you should ask as you are evaluating specific firewalls. Not too long ago, only
construction workers and architects asked the question, “Why do we need a
firewall?” Before the term firewall was used for a component of a computer network,
it described a wall that was designed to contain a fire. A brick and mortar firewall is
designed to contain a fire in one part of a building and thus prevent it from spreading
to another part of the building. Any fire that may erupt inside a building stops at the
firewall and won’t spread to other parts of the building. A firewall in a computer
network performs a role that is very similar to that of a firewall in a building. Just as
a firewall made out of concrete protects one part of a building, a firewall in a network
ensures that if something bad happens on one side of the firewall, computers on the
other side won’t be affected. Unlike a building firewall, which protects against a
very specific threat (fire), a network firewall has to protect against many different
kinds of threats. You read about these threats in the papers almost every day: viruses,
worms, denial-of-service (DoS) attacks, hacking, and break-ins. Attacks with names
like SQL Slammer, Code Red, and NIMDA have even appeared on the evening
news. Unless you haven’t read a newspaper or watched the news in the last year, you
surely have heard at least one of these terms. It’s no secret: they are out there, and
they are out to get us.

[3]
How does a firewall work?

A firewall establishes a border between an external network and the network it

guards. It's inserted inline across a network connection and inspects all packets
entering and leaving the guarded network. As it inspects, it uses a set of
preconfigured rules to distinguish between benign and malicious traffic or packets.
The term packet refers to a piece of data that is formatted for internet transfer.
Packets contain the data itself and information about the data, such as where it came
from. Firewalls can use this packet information to determine whether a given packet
abides by the rule set. If it doesn't, the packet is barred from entering the guarded
network.

Why are firewalls important?

Firewalls serve as the first line of defense against external threats, such as hackers
and malware attacks. In particular, firewalls combined with an intrusion prevention
system (IPS) are crucial in preventing malware and certain application layer attacks,
Firewalls first emerged in the early days of the internet when networks needed new
security methods that could handle increasing complexity. They've since become the
foundation of network security in the client-server model -- the central architecture
of modern computing. Overall, firewalls play an important role in preventing cyber
attacks, protecting sensitive data, and maintaining the privacy and security of
computer systems and networks

[4]
Top 5 Firewall Benefits

1. Monitors Network Traffic

All of the benefits of firewall security start with the ability to monitor network traffic.
Data coming in and out of your systems creates opportunities for threats to
compromise your operations. By monitoring and analyzing network traffic, firewalls
leverage preestablished rules and filters to keep your systems protected. With a well-
trained IT team, you can manage your levels of protection based on what you see
coming in and out through your firewall.

2. Stops Virus Attacks

Nothing can shut your digital operations down faster and harder than a virus attack.
With hundreds of thousands of new threats developed every single day, it is vital
that you put the defenses in place to keep your systems healthy. One of the most
visible benefits of firewalls is the ability to control your system's entry points and
stop virus attacks. The cost of damage from a virus attack on your systems could be
immeasurably high, depending on the type of virus.

3. Prevents Hacking
Unfortunately, the trend of businesses moving more toward digital operations invites
thieves and bad actors to do the same. With the rise of data theft and criminals
holding systems hostage, firewalls have become even more important, as they
prevent hackers from gaining unauthorized access to your data, emails, systems, and
more. A firewall can stop a hacker completely or deter them to choose an easier
target.

4. Stops Spyware
In a data-driven world, a much-needed benefit is stopping spyware from gaining
access and getting into your systems. As systems become more complex and robust,
the entry points criminals can use to gain access to your systems also increase. One

[5]
of the most common ways unwanted people gain access is by employing spyware
and malware—programs designed to infiltrate your systems, control your
computers, and steal your data. Firewalls serve as an important blockade against
these malicious programs.

5. Promotes Privacy
An overarching benefit is the promotion of privacy. By proactively working to keep
your data and your customers' data safe, you build an environment of privacy that
your clients can trust. No one likes their data stolen, especially when it is clear that
steps could have been taken to prevent the intrusion. Additionally, upgraded data-
protection systems can be a competitive advantage and a selling point to customers
and clients. The benefit increases the more sensitive the data your company deals
with.

Types of Firewall

There are mainly three types of firewalls, such as software firewalls, hardware
firewalls, or both, depending on their structure, type of firewall is :

1. Packet-filtering Firewalls
2. Circuit-level Gateways
3. Application-level Gateways (Proxy Firewalls)
4. Stateful Multi-layer Inspection (SMLI) Firewalls
5. Next-generation Firewalls (NGFW)
6. Threat-focused NGFW
7. Network Address Translation (NAT) Firewalls
8. Cloud Firewalls
9. Unified Threat Management (UTM) Firewalls
[6]
1.Packet-filtering Firewalls
A packet filtering firewall is a network security feature that regulates the flow of
incoming and outgoing network data. Each packet containing user data and control
information is examined and tested by the firewall using a set of pre-defined rules.
If the packet passes the test, the firewall allows it to proceed to its destination. Those
who fail the test are disqualified. Firewalls inspect packets by looking at rule sets,
protocols, ports, and destination addresses.

2.Circuit-level Gateways
A circuit level gateway works at the session layer of the open systems
interconnection (OSI) model. The firewall analyzes transmission control protocol
handshaking between packets to identify legitimate traffic and block unauthorized
access attempts. Only the header information is checked to ensure that the traffic
meets the circuit level gateway rules, while the content of data packets is skipped. It
handles connections between trusted servers and clients with untrusted hosts.

[7]
3.Application-level Gateways (Proxy Firewalls)
A proxy firewall is the most secure form of firewall, which filters messages at the
application layer to protect network resources. A proxy firewall, also known as an
application firewall or a gateway firewall, limits the applications that a network can
support, which increases security levels but can affect functionality and
speed. A proxy server addresses this gap by providing a gateway or intermediary
between computers and servers on the internet to secure data that goes in and out of
a network. It determines which traffic should be allowed and denied and analyzes
incoming traffic to detect signs of a potential cyberattack or malware. A proxy server
firewall caches, filters, logs, and controls requests from devices to keep networks
secure and prevent access to unauthorized parties and cyberattacks.

[8]
4.Stateful Multi-layer Inspection (SMLI) Firewalls
Stateful multilayer inspection (SMLI) firewalls filter packets at the network,
transport, and application layers, comparing them against known trusted packets.
Like NGFW firewalls, SMLI also examine the entire packet and only allow them to
pass if they pass each layer individually. These firewalls examine packets to
determine the state of the communication (thus the name) to ensure all initiated
communication is only taking place with trusted sources.

5.Next-generation Firewalls (NGFW)

A next generation firewall (NGFW) permits or blocks traffic between networks.
Next generation firewalls add advanced capabilities like application-level packet
inspection and intrusion prevention to traditional packet-filtering network firewall
capabilities.

[9]
6.Threat-focused NGFW

Threat-focused NGFW includes all the features of a traditional NGFW.

Additionally, they also provide advanced threat detection and remediation. These
types of firewalls are capable of reacting against attacks quickly. With intelligent
security automation, threat-focused NGFW set security rules and policies, further
increasing the security of the overall defense system, In addition, these firewalls
use retrospective security systems to monitor suspicious activities continuously.
They keep analyzing the behavior of every activity even after the initial
inspection. Due to this functionality, threat-focus NGFW dramatically reduces
the overall time taken from threat detection to cleanup.

7.Network Address Translation (NAT) Firewalls

A Network Address Translation (NAT) firewall operates on a router to protect
private networks. It works by only allowing internet traffic to pass through if a device
on the private network requested it. A NAT firewall protects the identity of a network
and doesn’t show internal IP addresses to the internet.

[10]
8.Cloud Firewalls
Cloud firewalls are software-based, cloud deployed network devices, built to stop or
mitigate unwanted access to private networks. As a new technology, they are
designed for modern business needs, and sit within online application
environments.

9.Unified Threat Management (UTM) Firewalls

Unified threat management, commonly abbreviated as UTM, is an information
security term that refers to a single security solution, and usually a single security
appliance, that provides multiple security functions at a single point on the network .
A UTM appliance will usually include functions such as: antivirus, anti-spyware,
anti-spam, network firewalling, intrusion detection and prevention, content filtering
and leak prevention. Some units also provide services such as remote routing,
network address translation (NAT), and virtual private network (VPN) support. The
allure of the solution is based on simplicity, so organizations that may have had
individual vendors or appliances for each separate security task can now have them
all under one vendor umbrella, supported by one IT team or segment, and run
through one console.

[11]
References
Intellipaat. “What Is Packet Filtering Firewall?” Intellipaat, 12 Oct.
2023, intellipaat.com/blog/packet-filtering-firewall/#no3.

Kaspersky. “What Is a Firewall? Definition and Explanation.” Me, 11

July 2023, me-en.kaspersky.com/resource-
center/definitions/firewall.

“What Is a Circuit Level Gateway?: Nordlayer Blog.” NordLayer,

nordlayer.com/learn/firewall/circuit-level/. Accessed 5 Dec. 2023.

“What Is a Proxy Firewall and How Does It Work?” Fortinet,

www.fortinet.com/resources/cyberglossary/proxyfirewall#:~:text=A
%20proxy%20firewall%2C%20also%20known,or%20inspect%20a
pplication%20protocol%20traffic. Accessed 5 Dec. 2023.

“What Is a Firewall?” Forcepoint, 9 Nov. 2023,

www.forcepoint.com/cyber-
edu/firewall#:~:text=Stateful%20multilayer%20inspection%20(SM
LI)%20firewalls,they%20pass%20each%20layer%20individually.

[12]