What is Firewall?
One type of antivirus protection is Firewall, the software that performs data control and their filtration according to set rules and options.
With the help of Firewall the computer or computer network is protected from unauthorized access. Very often Firewall is called a filter, since it "filters" the information and doesn't pass it, in case it doesn't satisfy specific criteria.
What can Firewall do?
Traditional features of this software are the following:
- Control of access to the network nodes
- Notification of attacks on the screen or the network nodes
- Notification of suspicious network activity
- Filter of access to unprotected services
- Prevention from getting the information from the unprotected network
- Prevention from false data integration to the protected subnetwork
- Regulation of access to the network
- Registration of outside access attempts
With all its multiple functions, Firewall cannot solve all the problems and cannot replace antivirus. It doesn't provide protection from downloading malware or leak of data. Furthermore, Firewall won't protect the network nodes from intrusion through back doors. These features are typical for antiviruses that either are usually connected to Firewall working as a proxy, or get the copy of uploaded data from Firewall.
Types of Firewall
Firewall is divided into different types depending on:
1. Level of network protocols on which the control of data flow is taking place.
- Firewall working on the network level (filtration based on algorithm set by the administrator and addresses of the packages receiver and sender);
- Firewall working on the session level (tracking the sessions among all the applications and blocking those, which can violate safety);
- Firewall working on the application level (filtration is performed on the grounds of data analysis transferring inside the package).
2. Tracking of active connections.
- Firewall of simple filtration (stateless): the data flow is filtered on the grounds of static algorithms, however the current connections are not traced;
- Firewall context filtration (exclusive access to the packages, corresponding the algorithms of applications and protocols work), the current connections are traced.
3. Coverage of controlled flows:
- Traditional Firewall ( controls the data flows between networks);
- Personal Firewall (protects a particular computer form unauthorized access).