Survey of Commercial Firewalls Term Paper
- Length: 7 pages
- Subject: Education - Computers
- Type: Term Paper
- Paper: #73870486
Excerpt from Term Paper :
Once upon a time a firewall was a physical barrier that kept a literal fire from spreading from one building to another. Now the term is more often used to refer to a variety of devices - both hardware and software - meant to keep information from being stolen from a computer. This paper examines the variety of commercial firewalls that are available today.
Initially firewalls were separate pieces of hardware; this is becoming less and less the case in part because firewalls are now more frequently installed on home computers as well as on business ones, and many users of computers at home either do not have the space for or the expertise for a hardware firewall, which has given rise to the two varieties:
firewall is a piece of hardware or software that places a barrier between your network and the Internet. It prevents outsiders from accessing your network and systems and delving into your confidential information or performing malicious acts. It can further protect your systems by restricting the surfing activities of those on your network so that you aren't exposed to harmful code that they may pick up when visiting non-trusted sites.
A firewall examines each packet of data sent to your computer or network and decides, based on pre-determined parameters, whether or not to let it through. It also blocks attempts by unknown programmes that may find their way onto your system from communicating with the Internet (http://www.bcentral.co.uk/technology/security/firewalls.asp).
Computers that are not networked to other computers are not in need of firewalls because they are not vulnerable to having information retrieved from them. In order to understand why firewalls are so important for the vast majority of computers that are either networked to other computers or to the Internet it is essential that we understand why computers are so vulnerable to hacking or other forms of infiltration to begin with.
Computers are vulnerable because people forget how interconnected the virtual world is; they are also inclined to act in ways that actually make it all too easy for hackers (or anyone) to break into their systems by doing things like choosing easy-to-guess passwords that they then post on their computers. As any hacker will tell you, probably the most common password of all is missing from this list, given that people are, for some peculiar psychological reason, inclined to choose the word "password" for their password. Given the fact that so many people choose the above passwords, the job of the hacking seeking to poke around inside of a company's computer is almost too easy.
Firewalls are not the only means to try to keep computers safe, and indeed firewalls should be used in conjunction with these other safety features.. A number of computer security techniques have been developed to protect both in information stored in single computers as well as that stored in network-linked computer systems from both accidental and intentional harm. Of course, computers that are not linked to other computers cannot be hacked into. (Unless one counts breaking into a house and physically stealing a hard drive as a form of hacking, but this is usually considered simple burglary.)
It's the Network, Stupid
Cyber-protections are far more important for networked systems, which are by their nature designed to allow a number of different people to have at least partial if not complete access to the data that is stored in them. Computers, being computers and not sentient, cannot distinguish between a hacker with the correct cyber-identification and the CEO of the company. This is one of the things, of course, that people do much better than machines: A security guard would notice right away if a person carrying a computer out of a building was a slender, blonde woman in her seventies rather than the black, male, 31-year-old CEO. A computer would treat the two the same, so long as each came armed with the proper codes. Firewalls exist to prevent as many as possible of these surreptitious attempts to gain information.
The firewall is designed to prevent unauthorized users from gaining access to the computers on a network. (It is also, and generally more usefully designed to ensure that information received from an outside source does not contain viruses). Getting around firewalls requires an extra step in terms of hacking, but the difference is more quantitative than qualitative. Acme may well have a firewall or it may not. As anti-virus software has become increasingly efficient, many companies have eliminated firewalls, perhaps forgetting that they are at least as important for keeping out hackers as viruses (www.bombthebox.com).
Any computer that is linked to other computers is vulnerable to having information stolen or degraded and so needs a firewall: Today this includes nearly every computer in existence. It might be useful to note at this point that hacking shares certain key similarities with viruses, with which people may in general be more familiar. Viruses might even be considered to be a form of hacking - hacking in which the virus is sent in as an electronic emissary for the hacker. However, there are also important distinctions between the two: Viruses are either destructive or sometimes (although less and less often) just silly, but they are not information-retrieving devices. Quite often the primary motivation for a hacker is the chance to gain information from someone else's computer.
However, while this is an important difference, the similarities are probably more striking, because both hackers and viruses are capable of damaging computer software as well as causing computer systems physically to lose data and of "invading" and damaging or subtly changing the information in databases. Some of the most destructive hacker attacks are those that are sufficiently subtle that they are not immediately recognized and cause the authorized users of those computers to operate with falsified information.
Hackers, who can gain access to all corners of computers, from files stored on back-ups to email, which seems so ephemeral to most people that they may not realize that it is retrievable, are difficult to catch, and even when they are apprehended they tend to receive relatively light fines as perpetuators of white-collar crimes. (Not that this is necessarily wrong: The financial harm caused by a hacker cannot be compared to the harm caused by a serial rapist.) But anyone who has ever lost important information either because it was electronically stolen or because it was destroyed by a virus should consider installing a firewall.
One of the most important reasons that stealing information from other computers is so easy to accomplish is that people have a false sense of security about their computers. Many people think of their computers (and thus of every single piece of data that is stored in them) as both private and intellectually safe because the physical components of that computer are kept safe within a private space such as a home or business. Because the computer is kept in this private space, people believe that the use of that computer and the information stored within it is in fact easily and completely restricted to a designated number of licit users.
However, given the many ways in which computers are linked to each other, we know that this is not the case. An analogous example would be a person shouting across the street to a friend and expecting that only that friend could hear because the friend was the only person "authorized" to receive the message. None of us would make this mistake, but because most people do not have a good understanding of the way in which the computers they use work, they do not "see" all the other people who may be effectively listening in on what is going on in their computer.
Because we protect the physical components of computers, we believe at least at some level that we are also protecting the integrity and privacy of the information that is stored within them. This is simply not the case. (Although one may legally own the information in a computer, a fact that may come up in the prosecution of a hacker, this does not in any practical way keep one from having one's computer hacked into.)
The computer sitting on your desk in your home office or at work - or at the FBI - can be connected (indeed in many ways is connected) to busy-as-bee hackers in China and Russia with absolutely nothing better in the world to do than to discover ways of determining what information you have stored in your computer that might be of interest to anyone else in the world. And the only thing that stands between you and those curious fingers and eyes may well be a firewall.
Hardware vs. Software
In general, hardware firewalls are more versatile and more powerful than are software firewalls; however this does not mean that software firewalls may not provide sufficient protection for many home systems. Those who are doing anything at all complicated with their…