A firewall acts as a private network’s main protective barrier between itself and any outside public network such as the internet. The firewall will allow certain wanted traffic into the network and deny access to unwanted, potentially harmful traffic (viruses, hackers) from getting in and causing problems.
In order for a firewall to be effective it must know what/who is allowed access to the private network and in turn, what traffic it needs to protect the private network from. This is done through a network access control list; the access control list is a specific set of rules or guidelines that are controlled by the network administrator to determine what traffic is allowed into the private network and protect against malicious traffic attempting to gain access. The access control list acts like a filter and can be arranged by the network administrator to grant access to specific traffic based on the following common but not exclusive criteria: IP Address, Port, Domain Names, Protocol, Key Word, and Programs. There are many ways to classify firewalls depending on the perimeters/criteria but two types of firewalls that organizations use to fully protect themselves include, Host-based Firewalls and Network Based Firewalls
- A host-based firewall is a piece of software that is installed on individual devices and will protect that computer only
- Most modern computers have a host-based firewall installed prior to purchase and if that is not the case there are 3rd party firewall providers that can be bought and installed
- Many anti-virus programs have a built-in host-based firewall
- A network-based firewall is a combination of hardware and software that is placed at the network level protecting the network itself from the outside internet
- It protects the whole network as opposed to an individual computer like when using a host-based firewall
- Denies permission to harmful traffic before it can get to computers on that network
Both network-based and host-based firewalls can be used as stand-alone security measures but in order to fully protect your network from malicious activity it is best to use a combination of both types. If a network-based firewall for some reason grants harmful traffic access to the network, the host-based firewalls will then protect the individual computers/devices from being vulnerable to attack.
AOS is a leader in network and server security, having an experienced and skilled IT team leads to our clients having complete and total peace of mind when it comes to malicious traffic being denied access to their network. Reach out to firstname.lastname@example.org to discuss how AOS can help provide an all-encompassing network security solution for your business.
Author: John Vander Hoeven