subject: Net Firewall - How Do These Computer Filtering Systems Work?
[print this page] Anyone who has used a computer has probably heard of the term firewall by now. Most people understand that the purpose of a firewall is to allow authorized data to flow in and out of your computer, while keeping unauthorized users from gaining access to it. What most people may not understand is how exactly the system protection filtering accomplishes this task, in other words, the more technical aspect of keeping unauthorized users from gaining access to a machine. Well, there are different types of protective filtering out there, and they all have the same goal in mind, but they go about accomplishing this goal in a variety of different ways.
The most basic type of firewall available is a net firewall, which stands for Network Layer Firewall, is the simplest kind of firewall you can find. It accomplishes its goal of keeping out unauthorized users by doing something known as packet filtering. A packet is simply bits of data that is sent across a computer network, and this type of filtering is software that operates at the network level and has a set of rules that it looks at and decides if each packet matches the rules or not. It looks at the headers of the packets and if it meets the criteria specified by the rules, then it is allowed to be forwarded through the network.
A specific type of net filtering system that adds an extra step of security is one called a Stateful Packet Inspection Firewall. This model was built from using basic packet filtering but it has additional security. When this type of filtering intercepts an incoming packet, it waits until it has enough information to check and see the state of the connection. If the packet that has been intercepted passed a set of defined security rules, then the packet can be forwarded through the system. If it doesn't meet the security rules, then it is denied entry.
The net firewall model is the most popular type of protection used today. This is probably due to the fact that these models tend to be so inexpensive, and are the easiest to configure and keep running, not to mention they are fast. Many companies and businesses will already have a router setup in their offices, so all they have to do is put a rule set into place to have an effective protective system. The Stateful Packet Inspection Firewall is even faster than the alternative, a Proxying Firewall, since they inspect the packets at the network layer.
