The lowdown on firewalls

What is it? A firewall blocks unwanted traffic from entering your network by managing and closing unused ports and controlling traffic over the open ports.


What are the options? A firewall can be either software or part of a dedicated hardware appliance, such as a router. Both work the same way, but the hardware option takes the processing load off other network components and is best for more demanding traffic loads.


The latest trend? Vendors are building faster Unified Threat Management devices that include a firewall and antivirus tools, and may also provide a spam blocker, intrusion detection and prevention, content filtering and an encrypted virtual private network.


What is content filtering? While a firewall blocks certain kinds of data packets and prevents access to the network through most of the normally open TCP/IP ports, it doesn't stop specific information from leaving or entering the network or computer.

Content filtering can watch for and block the transmission of certain classes of information or specific text and numeric data.

You can protect against intrusions, but nothing can protect against folly except content filtering that actually prevents users from transmitting critical data, either intentionally or accidentally.

For example, even an inexpensive PC security suite like Internet Security from Symantec Corp. of Cupertino, Calif., can be told to watch for certain information, such as a Social Security number, a password or an account number, and either warn when it is being sent or block it entirely.
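The warn-or-block behavior described above can be sketched as follows. This is an added example, not code from the Symantec product or the original article; the names `Rule` and `inspect_outbound` and all sample values are constructed for illustration.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    label: str   # name shown in findings; the secret itself is never reported
    secret: str  # value the user registered as private (constructed samples only)
    action: str  # "warn" or "block"

# SSN-shaped numbers: 3-2-4 digits, optionally separated by a space or hyphen,
# and not embedded in a longer run of digits.
SSN_RE = re.compile(r"(?<!\d)(\d{3})[- ]?(\d{2})[- ]?(\d{4})(?!\d)")

def _plausible_ssn(area, group, serial):
    # Area 000, 666 and 900-999, group 00 and serial 0000 are never issued,
    # so skipping them trims false positives on arbitrary 9-digit numbers.
    return (area not in ("000", "666") and area[0] != "9"
            and group != "00" and serial != "0000")

def _squash(text):
    # Ignore separators and case so "4111 0000 2222" matches "4111-0000-2222".
    return re.sub(r"[\s\-.]", "", text).lower()

def inspect_outbound(payload, rules, ssn_action="block"):
    """Return (verdict, findings) for one outbound message body."""
    findings = []
    squashed = _squash(payload)
    for rule in rules:
        needle = _squash(rule.secret)
        if needle and needle in squashed:  # an empty secret would match everything
            findings.append((rule.label, rule.action))
    for match in SSN_RE.finditer(payload):
        if _plausible_ssn(*match.groups()):
            findings.append(("ssn-pattern", ssn_action))
    actions = {action for _, action in findings}
    verdict = "block" if "block" in actions else "warn" if "warn" in actions else "allow"
    return verdict, findings

if __name__ == "__main__":
    rules = [Rule("bank-account", "4111-0000-2222", "block"),
             Rule("webmail-password", "Tr0ub4dor", "warn")]
    for body in ("See you at 5pm", "my pw is tr0ub4dor", "SSN 123-45-6789"):
        print(body, "->", inspect_outbound(body, rules))
```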

Must Know Info? UTMs hold some promise for cutting management costs and improving security, but they must be carefully tested to see if they excessively slow the network. Newer devices have enough processing power to clear some of the former bottlenecks caused by putting all these tools in the same box. Some wireless routers include a firewall; you probably shouldn't consider any other kind.
