Understanding Firewalls

As I explained in Chapter 18, a firewall is a program that protects your resources by filtering network packets. Firewalls can be run as part of another piece of software. For example, your Wi-Fi access point/router almost certainly provides some kind of firewall capabilities. Firewalls can also be run as individual programs on computers (for example, the personal firewall programs explained in Chapter 18). Finally, sophisticated firewalls can be run on servers dedicated to that purpose, although this generally only happens in enterprise-class setups.

Firewalls enable a network administrator to determine which clients inside a network can access network resources, and which ports can be used from outside the network to reach it. In case you are wondering, a network port is a logical endpoint on the network. The port number identifies the kind of traffic that uses the port. For example, port 80 is used to connect to a Web server using HTTP.

Effectively, firewalls can be used to isolate portions of a network topology from the rest of the network, and from the Internet. This is another way of saying that you can use a firewall to limit access both to and from the Internet.
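The two controls just described (which inside clients may reach out, and which ports may be reached from outside) can be modeled as an ordered rule list that falls back to deny when nothing matches. The sketch below is an added illustration, not code from this book or from any router's firmware; the addresses, the rule set, and the `decide` function are assumptions constructed for the example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    direction: str        # "in" = from outside, "out" = from inside
    network: str          # inside host(s) the rule covers, in CIDR form
    port: Optional[int]   # destination port; None matches any port


# Constructed sample policy for a home LAN on 192.168.1.0/24.
RULES = [
    Rule("deny", "out", "192.168.1.50/32", None),   # one client is kept off the Internet
    Rule("allow", "out", "192.168.1.0/24", None),   # every other inside client may go out
    Rule("allow", "in", "192.168.1.10/32", 80),     # outside may reach the Web server on port 80
]


def decide(direction, inside_ip, dst_port, rules=RULES):
    """Return the action of the first matching rule; deny if none match.

    inside_ip is the LAN-side host: the source for "out" traffic and
    the destination for "in" traffic.
    """
    addr = ipaddress.ip_address(inside_ip)
    for rule in rules:
        if rule.direction != direction:
            continue
        if addr not in ipaddress.ip_network(rule.network):
            continue
        if rule.port is not None and rule.port != dst_port:
            continue
        return rule.action
    return "deny"  # default deny: anything not explicitly allowed is dropped


if __name__ == "__main__":
    for pkt in [("out", "192.168.1.50", 443), ("out", "192.168.1.23", 443),
                ("in", "192.168.1.10", 80), ("in", "192.168.1.10", 22)]:
        print(pkt, "->", decide(*pkt))
```

Rule order matters here: the per-client deny has to sit above the LAN-wide allow, or the blocked client would match the broader rule first.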

Figure 19.2 shows the administrative panel used by the Linksys Wireless Broadband Router. IP filtering is reached via the Advanced tab on the access point's administrative application.

Figure 19.2. Setting IP filtering using the firewall capabilities built into this access point allows you to control traffic into (and from) the network.
