HACKSTOMPER©

    • hardware - what works and why

A firewall computer usually only performs one function, namely that of a firewall. A legal analogy might be most appropriate to illustrate why. A judge needs to be a disinterested third party presiding over a dispute between two factions. If the judge had a personal stake in the outcome of the proceedings, the process could be tainted. A firewall needs to maintain its independence and not be asked to also function as the email system, the FAX server or to provide some other service. To function properly, a firewall must not be corruptible by any process, and consequently it should be the only system running on the computer.

Usually, a firewall has at least two "sides", a Public side and a Private side. The Public side faces the Internet and the Private side faces your internal network. These are the two parties the firewall judge is presiding over. The firewall gets to examine all traffic in both directions and the rules determine what traffic is allowed in or out.

In some circumstances, there can be more than one Private side. Some sites opt to put their quasi-public, quasi-private servers (email, FTP, web, etc.) in what has been termed a DMZ (Demilitarized Zone). These servers are considered neither totally private nor totally public devices and get special treatment. Another reason to have more than one Private side is that a site may have multiple internal networks, and it is easiest to break the rules up according to network.
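The Public, Private and DMZ sides described above can be modeled as a small zone policy with default deny. This is an added example, not code from the original page. The interface names, zone map and port lists are constructed assumptions, and only new connections are modeled (no state tracking for replies).

```python
from dataclasses import dataclass

# Constructed interface-to-zone map for a three-sided firewall (assumed names).
ZONES = {"eth0": "public", "eth1": "private", "eth2": "dmz"}

@dataclass(frozen=True)
class Rule:
    src: str          # side the connection arrives from
    dst: str          # side the connection is headed to
    proto: str        # "tcp" or "udp"
    ports: frozenset  # destination ports permitted

# Constructed policy: every rule names the two sides it judges between.
POLICY = [
    Rule("private", "public", "tcp", frozenset({80, 443})),     # users browsing out
    Rule("private", "public", "udp", frozenset({53})),          # DNS lookups out
    Rule("public", "dmz", "tcp", frozenset({21, 25, 80, 443})),  # Internet to FTP/mail/web
    Rule("private", "dmz", "tcp", frozenset({21, 25, 80, 443})), # staff to the same servers
    Rule("dmz", "public", "tcp", frozenset({25})),              # mail server relaying out
]

def decide(in_if, out_if, proto, dport, policy=POLICY, zones=ZONES):
    """Return 'allow' or 'deny' for a new connection crossing the firewall."""
    src, dst = zones.get(in_if), zones.get(out_if)
    # Unknown interface, or traffic entering and leaving on the same side:
    # there are not two parties to judge between, so nothing is permitted.
    if src is None or dst is None or src == dst:
        return "deny"
    for rule in policy:
        if (rule.src, rule.dst, rule.proto) == (src, dst, proto) and dport in rule.ports:
            return "allow"
    return "deny"  # default deny: anything not explicitly listed is refused

if __name__ == "__main__":
    # Constructed sample connections: (ingress, egress, protocol, destination port)
    samples = [
        ("eth1", "eth0", "tcp", 443),  # private -> public web
        ("eth0", "eth1", "tcp", 443),  # public -> private, no rule exists
        ("eth0", "eth2", "tcp", 25),   # public -> DMZ mail
        ("eth2", "eth1", "tcp", 445),  # DMZ -> private, no rule exists
    ]
    for s in samples:
        print(s, decide(*s))
```

Because no rule lists the DMZ as a source toward the Private side, a compromised DMZ server gets no path inward, which is the "special treatment" the DMZ exists to provide.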

In any event, a firewall with only one side is almost by definition not a firewall at all. This is another reason why software-only firewalls installed on individual users' workstations are usually largely ineffective.