COLLEGE OF COMPUTING, INFORMATICS AND MATHEMATICS

BACHELOR OF INFORMATION SCIENCE (HONS)

LIBRARY MANAGEMENT (IM244)

LEGAL AND ETHICAL ASPECTS OF INFORMATION SYSTEMS (IMS657)

ASSIGNMENT 1 (ESSAY WRITING) – FIREWALL

PREPARED FOR:

PROF. MADYA DR. MASITAH BINTI AHMAD

PREPARED BY:

NUR EZZAD HAQIM BIN ALI

MATRIC NO:

2021871146

CLASS:

IM244EKA
 ACKNOWLEDGEMENT

I would like to express my gratitude to Prof. Madya Dr. Masitah Binti Ahmad because
she has been guided me to finish this assignment. She always there to help and give advice
to make sure I do it right. I am very thankful to Allah the Almighty because has given me
ideas to write this essay successfully without delay. Not to forget my fellow classmates which
are supportive to give some enlightenment regarding the assignment so that I understand
better.

Finally, I want to thank my parents for their moral support and everyone that has
helped me through the making of this essay. Thank you.
ABSTRACT

As organisations increasingly rely on information technologies to store and process sensitive

data, legal compliance has become a crucial factor. Firewalls, as an essential element of
network security, play a significant role in this context. This essay examines the relationship
between firewall use and legal aspects of information system development, with a focus on
privacy, data protection, and its importance. Firewalls allow organisations to control and
track data to ensure that only authorised users have access to sensitive information,
lowering the risk of data breaches and guaranteeing compliance with privacy laws.

Firewalls must be implemented to ensure legal compliance obeyed when creating

information systems. By adding firewalls into their network security plan, organisations may
protect confidential information, comply with regulations, and reduce the legal risks
associated with data breaches.
Table of Contents
1.0 INTRODUCTION..........................................................................................................................1
1.1 Firewall Creation.......................................................................................................................1
1.2 Types of Firewalls....................................................................................................................1
2.0 FIREWALL USE IN INFORMATION SYSTEM.......................................................................2
2.1 Firewall Architecture................................................................................................................2
2.2 Management of the Firewall....................................................................................................3
2.3 Future Trends and Challenges in Firewall Technology.......................................................3
3.0 CONCLUSION..............................................................................................................................4
References.........................................................................................................................................5
1.0 INTRODUCTION
A firewall is a security device that protects internet network by monitoring unfamiliar
traffic and preventing unauthorised access to our sensitive data (Stouffer, 2023). In simple
terms, firewall is like a virtual filter that controls who goes in a network and rejects suspicious
user from entering the site. Firewalls protect network against unauthorised access, malware,
and other security issues by granting only authorised traffic while blocking unwanted traffic. It
is important for a system that holds a lot of personal data to have firewall built in their system
as legal aspect that protect people privacy from cyber-attacks.

1.1 Firewall Creation

The firewall original word was meant to perform what a non-technical person might
think it should do: frame a wall that serves as a barrier against actual fire (Conran, 2018).
Until now, there have been five generations of firewall since 1980. The firewall originally
meant to analyse data sent and received between computers in a network but every year
new threats emerges which affects the firewall functionality.

The first generation of firewall consisted of antivirus protections developed to stop the
spread of viruses entering PCs in the 1980s. In mid-1990s, the physical firewalls were
developed as the second generation of firewalls to protect networks. Third generation of
firewalls focused on fixing vulnerabilities in applications was created in the early 2000s. The
fourth generation of firewalls is called payload. It was made in 2010 and its purpose is to
resolve evasive and polymorphic attacks. The last recorded generation of firewall was seen
in 2017. These firewalls are now equipped with modern and complex methods which boasts
advanced threat detection and prevention solutions.

1.2 Types of Firewalls

There are eight main types of firewalls which depends on the combination of software
or physical form of firewall method used within an organisation. The delivery method of
firewalls consists of three types which is hardware, software, and cloud based. The
operation method of firewalls, on the other hand, consists of five types which are packet
filtering, circuit level, stateful inspection, proxy, and next-generation firewalls.

Packet-filtering firewalls examine data packets that cross network borders. Every
packet of data must be checked against a set of predefined rules. If the packets comply with
these requirements, the firewall allows traffic to pass. If not, connections are stopped, and
warnings may be generated. Circuit-level firewall monitor traffic whenever remote and local
hosts establish a connection. It closes both device connection if it finds suspicious. Stateful
firewalls receive input and make decisions automatically based on threats. Proxy firewalls

1
filter inbound and outbound traffic, preventing direct access to web servers without being
authenticated through Hypertext Transfer Protocol (HTTP) to determine whether connections
are legitimate or not. The next-generation firewalls are built on other firewall to extend its
functionality that offer more protection and controls over sensitive data.

2.0 FIREWALL USE IN INFORMATION SYSTEM

The system that has firewall are safe because it acts as first line of defence against
hackers or malware on the internet by blocking them from exploiting the data in an
organization system. Additionally, there are another tool that works the exact same way as
firewall but in one device at a time which is the Virtual Private Network (VPN). VPN hides
user identity and makes them appear like they are accessing the internet from a different
place.

2.1 Firewall Architecture

There are few primary components in building the firewall. One of them is the
network policy. The design, installation, and operation of a firewall in a network is strongly
affected by two types of network policy such as higher-level policy and lower-level policy.
The higher-level policy is an issue-specific connection policy that specifies which services
are authorised or explicitly prohibited from the restricted network, how they will be used, and
reasons for exceptions to this policy. The lower-level policy describes how the firewall will
handle the entry limitation and service filtration specified in the higher-level policy.

Next is the advanced authentication. Advanced authentication procedures such as

smartcards, authentication tokens, biometrics, and software-based mechanisms are aimed
at countering weak traditional passwords. While authentication systems differ, they are
similar in that advanced authentication devices generate passwords that are unable to be
reused by an attacker who observed a connection.

Packet filtering also be used in the firewall where it filters packets that travel between
the router's interfaces. This router can filter IP packets based on source IP address,
destination IP address, TCP/UDP source port, or destination port. (“What Is a Firewall?
Definition, Key Components, and Best Practices”)

Last component is the application gateways. While the packet filtering is good in
disseminating connections it still has its flaws. Firewalls needs to use additional software to
further enhance the filtering process with proxy services like TELNET and FTP. The proxy
server separates end users from websites they browse.

2
2.2 Management of the Firewall
Firewall management is the process of establishing and maintaining a firewall to
guarantee a secured connection. As a matter of course, a company's network and devices
may be protected by numerous firewalls. Managing these firewalls involves developing rules
and policies, documenting changes, and evaluating compliance logs. It includes monitors
user access to firewall settings. Firewall policies must be implemented and updated on
periodically when necessary. Rules must be examined and reviewed to prevent rule conflicts
or vulnerabilities. Firewall software needs to be updated with latest patches to make sure
new threats is identified and not slip through the system anonymously due to outdated
software. The management involves constantly reviewing rules and configurations, analysing
logs and alarms, and diligently monitoring compliance.

2.3 Future Trends and Challenges in Firewall Technology

Firewalls will likely evolve significantly in the next years to cope with increasingly
complex online attacks. They will be strongly integrated into overall security frameworks,
relying on enhanced threat prevention techniques to detect and prevent zero-day exploits
and targeted attackers. With the arrival of cloud computing, firewalls will be effortlessly
integrated with cloud security solutions to safeguard cloud-based assets. More than that,
machine learning and artificial intelligence will play an important role in improving firewall
capabilities, allowing them to identify and react more swiftly to emerging threats. As
organisations adopt zero trust security models, firewalls will enable precise supervision of
network access, ensuring that only authorised people and devices have access.

Furthermore, as the Internet of Things (IoT) expands, firewalls will have to adapt to
prevent attacks on the growing network of linked devices. It is no doubt that firewall
management is a challenging task that requires oversight of rules, configurations, and
policies. The complexity of modern network structures can make this procedure hard,
especially for IT organisations that lack proper tools and training. Despite their usefulness,
firewalls are susceptible to vulnerabilities and misconfigurations. Configurations might
become old or outdated over time, leaving the network vulnerable to unauthorised access or
cyberattacks. Besides, modern cyber threats are ever-changing, demanding frequent
updates and optimisations to defend against advanced threats such as stateful and packet-
filtering attacks.

3
3.0 CONCLUSION
In a nutshell, firewalls serve a significant purpose in information systems by acting as
a primary line of defence against cyber threats. They operate as a layer of protection
between a trusted internal network and unreliable external networks, monitoring and
managing incoming and outgoing network traffic based on predefined security rules.
Firewalls help to prevent illicit access to or from private networks, assuring data security,
integrity, and availability.

In addition to its defensive role, firewalls provide visibility into network traffic, allowing
organisations to identify and mitigate potential security issues. They can be set up to log and
report on network activities, which helps detect suspicious behaviour or security incidents.
While firewall is good at preventing known risks and unauthorised access, they may not be
adequate for complex attacks or insider threats. To effectively manage threats, organisations
should use a layered security approach that includes firewalls as well as other security
measures such as intrusion detection systems, endpoint protection, and user education.

4
References
Bally, B. (2021, August 12). The history of the firewall. https://www.aureon.com/services/it-

management/it-services/security/firewall/the-history-of-the-firewall/

Book, V. (2023, November 12). Addressing firewall challenges in today’s cyber landscape |

Tufin. Tufin. https://www.tufin.com/blog/addressing-firewall-challenges-todays-cyber-

landscape

Buckbee, M. (2022, June 24). What is a proxy server and how does it work? Varonis.

https://www.varonis.com/blog/what-is-a-proxy-server

Conran, M. (2018b, February 5). The Evolving Security Paradigm, Part 1 – History of

Firewalls. Acunetix. https://www.acunetix.com/blog/articles/evolving-security-

paradigm-part-1-history-firewalls/

Deshpande, C. (2023, August 29). What is firewall: types, how does it work, advantages &

its importance. Simplilearn.com. https://www.simplilearn.com/tutorials/cyber-security-

tutorial/what-is-firewall

Dosal, E. (2024, February 27). What is a firewall? The different firewall types & architectures.

compuquip. https://www.compuquip.com/blog/types-firewall-architectures

Firewall Management: The Expert Guide - Titania. (n.d.).

https://www.titania.com/resources/guides/firewall-management#:~:text=Firewall

%20management%20is%20the%20process,devices%20and%20network%20as

%20standard.

Future trends and innovations in firewall Technology - FasterCapital. (n.d.). FasterCapital.

https://fastercapital.com/topics/future-trends-and-innovations-in-firewall-

technology.html#:~:text=One%20of%20the%20major%20future,respond%20to

%20threats%20more%20effectively.

Gold, S. (2011). The future of the firewall. Network Security, 2011(2), 13–15.

https://doi.org/10.1016/s1353-4858(11)70015-0

5
Kanade, V. (2022, March 24). What is a firewall? Definition, key components, and best

practices. Spiceworks.

https://www.spiceworks.com/it-security/network-security/articles/what-is-firewall-

definition-key-components-best-practices/#:~:text=Firewall%20architecture%20is

%20built%20upon,packet%20filtering%2C%20and%20application%20gateways.

NordLayer. (n.d.). Understanding the main types of firewalls | NordLayer Learn.

https://nordlayer.com/learn/firewall/types-of-firewalls/

Rouse, G. (2023, March 3). What Is a Firewall and Why Is it Important in Cyber Security?

Datto. https://www.datto.com/blog/what-is-a-firewall-and-why-is-it-important-in-cyber-

security

Stouffer, C. (2023b, September 6). What is a firewall? Firewalls explained and why you need

one. https://us.norton.com/blog/privacy/firewall#:~:text=A%20firewall%20acts%20as

%20a,to%20steal%20your%20personal%20information.

Telatnik, M. (2023, March 28). What is a firewall? Built In. https://builtin.com/articles/firewall

Tran, T. V., & Ahn, H. (2017). Challenges of and solution to the control load of stateful

firewall in software defined networks. Computer Standards & Interfaces, 54, 293–

304. https://doi.org/10.1016/j.csi.2017.01.012

What is a firewall? Definition and explanation. (2023, July 11). www.kaspersky.com.

https://www.kaspersky.com/resource-center/definitions/firewall

What is a firewall? Definition and types of firewall | Fortinet. (n.d.). Fortinet.

https://www.fortinet.com/resources/cyberglossary/firewall

What’s next for network firewalls? | Fortinet blog. (2023, May 17). Fortinet Blog.

https://www.fortinet.com/blog/industry-trends/network-firewalls-ngfw-predictions

Yasar, K., & Lutkevich, B. (2023, April 19). firewall. Security.

https://www.techtarget.com/searchsecurity/definition/firewall