Cyber Security Firewalls

🔥 Cyber Security – Firewalls (In-Depth Guide)

A Firewall is the first line of defense in Cyber Security.

It acts like a security guard between trusted (internal) and untrusted (external) networks.

📌 No firewall = open door for attackers


 What is a Firewall?

A firewall is a hardware or software security system that:

  • Monitors network traffic

  • Allows or blocks data packets

  • Uses predefined security rules

📌 Simple definition:

A firewall controls who can enter and exit your network


Why Firewalls are Critical in Cyber Security

  • Prevent unauthorized access

  • Block malware traffic

  • Stop hacking attempts

  • Protect internal systems

  • Reduce attack surface

✔ Used in homes, companies, data centers, cloud


 How a Firewall Works (Basic Flow)

1️⃣ Incoming traffic reaches the firewall
2️⃣ The firewall checks the traffic against its rules
3️⃣ Traffic is allowed or blocked
4️⃣ Logs are generated

📌 Decision is based on:

  • IP address

  • Port number

  • Protocol

  • Connection state


 Types of Firewalls (Very Important)

1️⃣ Packet Filtering Firewall

🔹 Works at Network & Transport layers

✔ Checks:

  • Source IP

  • Destination IP

  • Port

  • Protocol

❌ Cannot inspect data content

📌 Fast but basic security


2️⃣ Stateful Inspection Firewall

🔹 Tracks active connections

✔ Understands TCP sessions
✔ Blocks fake packets (packets that do not belong to a tracked connection)

📌 Much stronger than packet filtering


3️⃣ Proxy Firewall (Application-Level Gateway)

🔹 Acts as a middleman

✔ Hides internal IPs
✔ Inspects application data

❌ Slower

📌 Used for high-security environments


4️⃣ Next-Generation Firewall (NGFW)

🔹 Most advanced firewall

✔ Features:

  • Deep Packet Inspection (DPI)

  • Application awareness

  • Intrusion Prevention (IPS)

  • Malware protection

📌 Examples:

  • Palo Alto Networks

  • Fortinet

  • Cisco


5️⃣ Web Application Firewall (WAF)

🔹 Protects web applications

✔ Blocks:

  • SQL Injection

  • XSS

  • CSRF

📌 Used for websites & APIs


 Firewall Deployment Types

Type                  Description
--------------------  --------------------------
Network Firewall      Protects entire network
Host-based Firewall   Protects individual system
Cloud Firewall        Secures cloud resources

Attacks Firewalls Can Prevent

✔ Port scanning
✔ Unauthorized access
✔ Malware communication
✔ DDoS (partial protection)
✔ IP spoofing
✔ Command & control traffic

⚠️ Firewalls cannot stop:

  • Insider threats

  • Encrypted malicious traffic (without DPI)

  • Social engineering


Firewall Rules (Security Core)

Example Rule Logic:

ALLOW 192.168.1.0/24 → Port 80
DENY ANY → Port 23

📌 Best practices:

  • Deny by default

  • Allow only required services

  • Regularly review rules


Firewalls & OSI Model

Firewall Type   OSI Layer
--------------  ----------
Packet Filter   Layer 3–4
Stateful        Layer 3–4
Proxy           Layer 7
NGFW            Layer 3–7
WAF             Layer 7

 Firewalls vs IDS/IPS

Firewall         IDS/IPS
---------------  ------------------------
Blocks traffic   Detects/blocks attacks
Preventive       Detective + Preventive
Rule-based       Signature/behavior-based

📌 Best security = Firewall + IDS/IPS


 Real-World Cyber Security Example

🔐 A company allows only:

  • HTTPS (443)

  • SSH (22) from admin IP

🚫 Blocks:

  • Telnet

  • FTP

  • Unknown ports

➡️ Result: Reduced hacking risk
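
The company policy above, written as an ordered rule list with first-match evaluation and a default deny. This is an added example, not part of the original guide; the `Rule` class, the `decide` function and the admin address 203.0.113.10 (a documentation-range IP) are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "ALLOW" or "DENY"
    src: str               # source CIDR; "0.0.0.0/0" means ANY
    proto: str             # "tcp" or "udp"
    dport: Optional[int]   # None matches any destination port

    def matches(self, src_ip, proto, dport):
        return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
                and proto == self.proto
                and self.dport in (None, dport))

# Assumed admin address (documentation range, constructed for this example).
ADMIN_IP = "203.0.113.10/32"

POLICY = [
    Rule("ALLOW", "0.0.0.0/0", "tcp", 443),  # HTTPS from anywhere
    Rule("ALLOW", ADMIN_IP, "tcp", 22),      # SSH only from the admin IP
    Rule("DENY", "0.0.0.0/0", "tcp", 23),    # Telnet: explicit so the log names the rule
    Rule("DENY", "0.0.0.0/0", "tcp", 21),    # FTP
]

def decide(src_ip, proto, dport, policy=POLICY, log=None):
    """First matching rule wins; traffic matching no rule is denied by default."""
    verdict, reason = "DENY", "default-deny"
    for idx, rule in enumerate(policy):
        if rule.matches(src_ip, proto, dport):
            verdict, reason = rule.action, f"rule {idx}"
            break
    if log is not None:
        log.append(f"{verdict} {proto} {src_ip} -> :{dport} ({reason})")
    return verdict

if __name__ == "__main__":
    log = []
    # Constructed sample packets: (source IP, protocol, destination port)
    for pkt in [("198.51.100.7", "tcp", 443), ("198.51.100.7", "tcp", 22),
                ("203.0.113.10", "tcp", 22), ("198.51.100.7", "tcp", 23),
                ("198.51.100.7", "udp", 5353)]:
        decide(*pkt, log=log)
    print("\n".join(log))
```

Rule order matters with first-match evaluation: putting a broad `Rule("ALLOW", "0.0.0.0/0", "tcp", None)` at the top of the list shadows the Telnet and FTP denies, which is the kind of misconfiguration a regular rule review is meant to catch.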


 Career Tip (Important for You 🎯)

Firewall knowledge is required for:

  • SOC Analyst

  • Network Security Engineer

  • Ethical Hacker

  • Cloud Security Engineer

📌 Asked in CEH, Security+, interviews


🧠 Key Takeaway

✔ Firewall = Gatekeeper
✔ Rules decide security
✔ Misconfiguration = vulnerability

🔥 A strong firewall with weak rules is still weak security
