In a guest post for National Cyber Security Awareness Month, Michael G. Williams, Network Firewall Lead with Information Technology Services, explains the function of a firewall, the types of firewalls and ways to maximize the security of your firewalls.
What is a firewall?
Many people have heard the term “firewall” in the context of information security but may not know exactly what it means. At its most basic, a firewall is a means of blocking unwanted network traffic so that it does not affect computers or resources. Think of a firewall as the moat around a castle: it creates a specific barrier to entry around the protected asset. Just as with a moat, a gate must be lowered – by granting permission in the firewall configuration – to allow trusted parties to pass in or out.
A firewall may be as simple as the software firewall installed on a protected computer and configured to block certain kinds of connections to or from that one computer. Every operating system comes with a software firewall that may be used for this purpose, so every desktop computer already has this capability. While software firewalls may be sufficient for some scenarios, software firewalls may be compromised by malware. After all, this most basic firewall is just another piece of software running on that computer. A malware infection can turn off the software firewall, lowering the gate for other malware to cross the moat and invade.
The other major classification of firewalls is a hardware firewall. A hardware firewall is an external, dedicated piece of equipment through which all traffic to and from the protected systems must pass for inspection. These devices are considered more secure than a software firewall because they cannot as easily be compromised. The vulnerabilities that can be used to attack a home computer usually do not apply to a hardware firewall because it runs very different software built with security in mind.
Almost all home network and home wireless routers come with some degree of firewall capability, so there is rarely any added expense associated with setting up a hardware firewall at home. These home firewalls are usually simple to set up and require little or no ongoing maintenance other than the occasional firmware update. If you use a hardware firewall, your home computers are likely to be much safer than if you do not.
Getting the most from your firewall
The Information Security Office does not endorse any particular manufacturer or model of hardware firewall/home router/wireless router for home networks. Instead, I want to stress the importance of checking a few simple settings to maximize the security of your firewall. These should be checked regardless of the manufacturer or model. You may find some are already configured by default:
- Block ICMP from the Internet (aka “stealth” mode). This will make it harder for random scans of the Internet to notice your home computer.
- Disable remote administration. Most home routers and firewalls have some sort of remote administration capability. This permits anyone on the Internet to connect to the device and see a login screen. Disabling this feature will make your home firewall much more secure.
- Enable attack detection. Not all home network firewalls have this feature and it may go by other names, such as Intrusion Prevention or IPS. If it exists, make sure it’s enabled so your home firewall will be aware of known patterns of attack.
- Use strong wireless security. Make sure your home wireless router is using WPA2 for wireless encryption and that you have a passphrase that would be difficult to guess. WPA2 is not perfect but it is the strongest encryption supported by most home network devices.
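For readers who run a Linux-based router rather than a consumer appliance, the first two settings above can be expressed as an nftables ruleset. This is an added example, not part of the original post or any vendor's configuration; the interface names `wan0` and `lan0` and the listed service ports are assumptions to adjust for your own device.

```nft
#!/usr/sbin/nft -f
# Added example. Assumed names: wan0 = Internet-facing port, lan0 = home network.
flush ruleset

table inet home_fw {
    chain input {
        # Traffic addressed to the router itself: drop unless allowed below.
        type filter hook input priority filter; policy drop;

        # Replies to connections the router opened, plus related ICMP errors
        # (for example "packet too big"), so path MTU discovery keeps working.
        ct state established,related accept
        ct state invalid drop
        iifname "lo" accept

        # "Stealth" mode: never answer pings arriving from the Internet.
        iifname "wan0" icmp type echo-request drop
        iifname "wan0" icmpv6 type echo-request drop

        # IPv6 does not work without neighbor discovery and router adverts.
        icmpv6 type { nd-neighbor-solicit, nd-neighbor-advert, nd-router-advert } accept

        # Let the router obtain its own address from the ISP over DHCP.
        iifname "wan0" udp sport 67 udp dport 68 accept

        # Administration (SSH and web UI) is reachable from the LAN only.
        # No rule accepts these ports on wan0, so remote administration
        # from the Internet falls through to the default drop.
        iifname "lan0" tcp dport { 22, 80, 443 } accept

        # Services the router offers to home devices: DNS, DHCP, ping.
        iifname "lan0" udp dport { 53, 67 } accept
        iifname "lan0" tcp dport 53 accept
        iifname "lan0" icmp type echo-request accept
        iifname "lan0" icmpv6 type echo-request accept
    }

    chain forward {
        # Traffic passing through the router: home devices may start
        # connections outward; the Internet may only send replies.
        type filter hook forward priority filter; policy drop;
        ct state established,related accept
        iifname "lan0" oifname "wan0" accept
    }

    chain postrouting {
        # Share the single public IPv4 address among home devices.
        type nat hook postrouting priority srcnat; policy accept;
        oifname "wan0" masquerade
    }
}
```

The ruleset can be syntax-checked without applying it by running `nft -c -f` on the file.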
October is National Cyber Security Awareness Month. Visit ITS News throughout October for posts offering cyber security advice from experts and other tech tips. For additional cyber security tips and to check out the activities and resources associated with National Cyber Security Awareness Month, visit the national campaign’s website.