Learn what firewalls are. Jungwoo goes over the basic functions of firewalls and their types, as well as where the latest firewall technologies are headed.
- [Instructor] The internet today resembles the wild west. Lots of threats exist, and bad guys are always trying to break in. To prevent intrusion from the internet into your network, we need to monitor all the possible entry points and close them if necessary. In a computer network, these entry points are called ports; data packets flow through them. To monitor port activities, we can use something called a firewall. Firewalls can inspect data packets to check their sources and destinations, which are typically specific applications running on particular devices with their own unique addresses.
You may have heard this address called an IP address; the acronym IP here stands for internet protocol. Firewalls can also open and close the ports. Let's imagine that an incoming data packet encounters a firewall. If the packet is headed to a blocked host or a closed port, the firewall drops it. Otherwise, it passes the packet on to its destination. We can categorize firewalls into application firewalls, static packet filtering firewalls, and stateful packet inspection firewalls.
An application firewall looks at the application data within a packet. A static packet filtering firewall only considers one packet at a time and checks its header. A stateful packet inspection firewall is a more advanced form of a static packet filtering firewall, and evaluates a packet header in the context of those of previous packets. The boundaries among the three different types of firewalls we have discussed so far are blurry, because their features are often being merged into one system these days.
The all-in-one solution is referred to as a unified threat management, or UTM, system.
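The difference between static packet filtering and stateful packet inspection described in the transcript above, as an added Python example that is not part of the course material. The addresses, ports, and the rule that a static filter treats any inbound packet with the ACK flag as a reply are assumptions made for illustration.

```python
from collections import namedtuple

# Constructed packet header: addresses, ports and TCP flags only.
Packet = namedtuple("Packet", "src dst sport dport flags")

INSIDE = "10.0.0."                # assumed internal address prefix
OPEN_PORTS = {443}                # assumed inbound ports left open
BLOCKED_HOSTS = {"203.0.113.9"}   # assumed blocked host

def inbound(pkt):
    return pkt.dst.startswith(INSIDE) and not pkt.src.startswith(INSIDE)

def static_filter(pkt):
    """Static packet filtering: decide from this one header alone."""
    if pkt.src in BLOCKED_HOSTS or pkt.dst in BLOCKED_HOSTS:
        return "drop"
    if not inbound(pkt):
        return "pass"                       # outbound traffic is allowed
    # With no memory, a reply can only be guessed at from the ACK flag.
    if pkt.dport in OPEN_PORTS or "ACK" in pkt.flags.split(","):
        return "pass"
    return "drop"

class StatefulFirewall:
    """Stateful inspection: judge a header against earlier packets."""
    def __init__(self):
        self.connections = set()            # flows opened from inside
    def check(self, pkt):
        if pkt.src in BLOCKED_HOSTS or pkt.dst in BLOCKED_HOSTS:
            return "drop"
        if not inbound(pkt):
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "pass"
        if pkt.dport in OPEN_PORTS:
            return "pass"
        # A reply must mirror a flow an inside host opened earlier.
        reply_of = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "pass" if reply_of in self.connections else "drop"

# Constructed traffic: an outbound request, its reply, an unsolicited packet.
TRAFFIC = [
    Packet("10.0.0.5", "198.51.100.7", 50000, 80, "SYN"),
    Packet("198.51.100.7", "10.0.0.5", 80, 50000, "SYN,ACK"),
    Packet("198.51.100.20", "10.0.0.5", 80, 50001, "ACK"),
]

def compare(packets):
    fw = StatefulFirewall()
    return [(static_filter(p), fw.check(p)) for p in packets]
```

`compare(TRAFFIC)` returns one (static, stateful) verdict pair per packet; the two firewalls disagree only on the third packet, which carries an ACK flag but answers no connection opened from inside.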
- Network security concepts
- The basic functions of a firewall
- Intrusion detection and prevention systems
- Using network data to improve security
- Using log servers to collect data
- Collecting application data
- Collecting OS data
- Network forensics
- Network security visualization