Firewalls

2.5 Compare and contrast common networking hardware devices

📘CompTIA A+ Core 1 (220-1201)


A firewall is a network security device that monitors, filters, and controls incoming and outgoing network traffic. Its main job is to protect networks and devices from unauthorized access, malware, or malicious activity while allowing legitimate traffic.

Firewalls can be hardware devices, software programs, or a combination of both.


1. Purpose of a Firewall

Firewalls are used to:

  1. Block unauthorized access
    • Prevent hackers or unknown devices from accessing your internal network.
  2. Allow safe communication
    • Permit specific types of network traffic (like web browsing on port 80 or email on port 25) while blocking others.
  3. Filter traffic based on rules
    • Firewalls use rules or policies to decide what traffic is allowed or denied.
  4. Monitor network activity
    • Log suspicious or unusual connections for security analysis.

2. Types of Firewalls

Firewalls can be categorized based on where they operate in the network and how they inspect traffic.

A. Hardware Firewalls

  • Standalone devices installed between a network and the internet.
  • Often found in corporate networks or at the edge of small office networks.
  • Pros:
    • Dedicated device – doesn’t rely on computer resources.
    • Can handle large amounts of traffic.
  • Example: A firewall device installed at a company’s internet gateway controlling all traffic coming into the office network.

B. Software Firewalls

  • Installed on individual computers or servers.
  • Protects that specific device from threats.
  • Example: Windows Firewall or macOS built-in firewall.

C. Next-Generation Firewalls (NGFW)

  • Advanced hardware firewalls with deep packet inspection, application awareness, and intrusion prevention.
  • Can detect malware or suspicious activity inside allowed traffic.
  • Example: Blocking a risky application from communicating with the internet even if it uses a normal web port like 443.

3. Firewall Inspection Methods

Firewalls can inspect network traffic using different techniques:

A. Packet-Filtering Firewall

  • Examines each packet’s header (source IP, destination IP, port) but does not look inside the data.
  • Fast but basic.
  • Example: Blocking all traffic from an external IP address.

B. Stateful Inspection Firewall

  • Keeps track of the state of connections (like TCP handshakes).
  • Can allow only packets that are part of a valid session.
  • Example: Allowing web browsing to continue after a user successfully initiates a connection, but blocking stray packets.

C. Proxy Firewall (Application-Level Firewall)

  • Acts as a middleman between the device and the network.
  • Can inspect actual content of traffic (HTTP, FTP, email).
  • Example: Scanning an HTTP request to prevent malware from being downloaded.

4. Firewall Rules and Policies

Firewalls use rules to determine whether to allow or block traffic. These are based on:

  1. IP addresses – Source or destination.
  2. Ports – Which service or application is being accessed.
  3. Protocols – Such as TCP, UDP, or ICMP.
  4. Time or schedule – Some firewalls can apply rules only at certain times.

Example:

  • Allow outgoing web traffic (TCP port 80 and 443).
  • Block incoming remote desktop connections (TCP port 3389) from the internet.
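The two example rules above, run through both a packet filter and a stateful firewall (sections 3A and 3B), as an added example that is not part of the original study guide. The `192.168.1.0/24` LAN, the sample addresses, the default-block fallback, and all function and class names are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.1.0/24")  # assumed internal network (constructed)

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

def direction(pkt):
    """'out' if the packet is sent from inside the LAN, otherwise 'in'."""
    return "out" if ip_address(pkt.src) in LAN else "in"

# Checked top to bottom, first match wins: (direction, protocol, dest ports, action)
RULES = [
    ("out", "tcp", {80, 443}, "allow"),  # outgoing web traffic
    ("in", "tcp", {3389}, "block"),      # incoming remote desktop
]
DEFAULT = "block"  # assumption: anything no rule matches is denied

def packet_filter(pkt):
    """Packet filtering: header fields only, no memory of earlier packets."""
    for rule_dir, proto, ports, action in RULES:
        if direction(pkt) == rule_dir and pkt.proto == proto and pkt.dport in ports:
            return action
    return DEFAULT

class StatefulFirewall:
    """Same rules plus a table of sessions that were allowed out."""
    def __init__(self):
        self.sessions = set()

    def check(self, pkt):
        # A reply carries an allowed session's addresses and ports, swapped.
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto) in self.sessions:
            return "allow"
        action = packet_filter(pkt)
        if action == "allow" and direction(pkt) == "out":
            self.sessions.add((pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto))
        return action

if __name__ == "__main__":
    fw = StatefulFirewall()
    out = Packet("192.168.1.10", 50000, "203.0.113.5", 443)   # constructed sample
    reply = Packet("203.0.113.5", 443, "192.168.1.10", 50000)
    print(packet_filter(reply), fw.check(out), fw.check(reply))
```

The packet filter blocks the web server's reply because no rule covers it, while the stateful firewall allows it only after the matching outgoing request has been seen. Real stateful firewalls also track TCP flags and expire idle sessions, which this sketch leaves out.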

5. Common Uses in IT Environments

  • Corporate network security: A firewall blocks external hackers but allows employees to use web services.
  • Segmenting networks: Firewalls can separate sensitive areas, like a server network, from general employee devices.
  • Monitoring traffic: Logs are analyzed to detect attempted attacks.
  • VPN support: Firewalls can allow secure remote access to the company network.

6. Exam Key Points to Remember

For the CompTIA A+ Core 1 exam, remember:

  1. Purpose: Block unauthorized traffic, allow safe traffic, and monitor activity.
  2. Types: Hardware, software, and next-generation firewalls.
  3. Inspection methods: Packet-filtering, stateful inspection, proxy (application-level).
  4. Rules: Firewalls use IP addresses, ports, protocols, and schedules to control traffic.
  5. Real IT examples: Corporate network edge protection, network segmentation, VPN access, traffic monitoring.

7. Quick Comparison for Exam

| Feature | Hardware Firewall | Software Firewall | NGFW |
|---|---|---|---|
| Location | Between network & internet | On device | Between network & internet |
| Performance | High | Depends on device | High |
| Inspection | Basic | Limited | Deep packet & application-level |
| Use Case | Enterprise, network edge | Individual device | Enterprise with advanced security |