Internet Firewall » Internet Firewall Security » Internet Firewall: Hardware/Network Layer Firewalls


Internet Firewall: Hardware/Network Layer Firewalls

Rated: Average Rating : 6.89 From 9 Voter(s)


As we have learned in our first article, there are two main types of firewalls: software and hardware firewalls. In this article, we shall take a look at how hardware-based or network layer firewalls work and how they differ from firewall software.

Hardware firewalls work at a lower level compared to their software counterparts. Since they typically act at the network layer and often at the boundary of several networks (including demilitarized zones or DMZs), hardware firewalls are also called network or network layer firewalls.

How do Hardware Firewalls Work?

This type of firewall filters IP (Internet Protocol) packets, which are small pieces of data entering your computer. Through specified filtering rules that may either be preconfigured out of the box or customized by the network administrator, the firewalls decide whether or not a packet is deemed safe and can reach the destination computer. Network firewalls decide by first checking certain information that is contained and can be deduced from the packets, e.g., source port, destination port, IP address, destination service/protocol as well as source domain name, time to live (TTL) values, and others.

For hardware firewalls, the most restrictive setup possible is the automatic blocking of all packets unless they meet certain requirements. On other occasions, one would prefer something more flexible: one that allows packets to pass so long as they don't match any or more of the "deny rules" or "negative rules". Of course, the second configuration is a lot weaker than the first, but both have their own set of pros and cons.

How do You Install a Hardware Firewall?

Computers that hook up to the Internet using a broadband connection, or ones that belong to a local network as in an office are most likely to have firewalls installed in them already; most broadband routers also act as firewalls. If your computer does not have a firewall, it would be wise to install a firewall device already since it is fairly easy to do so, and is especially helpful for broadband network connections. As mentioned earlier, firewall hardware are usually preconfigured right out of the box so you need not exert a lot of effort setting up the device to get it working properly.

To make sure that you're indeed protected, testing your security with third-party software or websites should be enough. Of course, getting help from an expert may be the best way to go—from installation to testing to maintenance to troubleshooting to answering all your other questions.



Print Article Print Article  |  Send to a friend Send to a friend  |  Save as PDF Save as PDF

Rate this Article :
  1     2     3     4     5     6     7     8     9     10  
Terrible Excellent