How is a firewall set up?

What is actually a Firewall?

The following explanations give an extremely rudimentary insight into the different functions of firewalls. To make it easier to understand, let's stick with the picture of the bouncer dealing with incoming parcels:

The standard firewalls contain so-called packet filters. You look, figuratively speaking, at the address label of every data package and decide, based on a static set of rules, whether it can be delivered or delivered. This function is a basis of all firewalls.

A further development stage is the so-called stateful inspection, which is also described as dynamic packet filtering. The static rules have been expanded here and, in brief, expanded to include the investigation of the connection status. It is checked, so to speak, whether the recipient of the package is ready to receive the package, can and wants to accept it. If a connection is established successfully, it is also subject to certain rules and is strictly monitored.

The next optional stage is the filtering of data streams at the application level, also known as a proxy firewall. Here, the packages are not only viewed and passed on, but their content is also checked. This procedure is known as deep packet inspection. For this purpose, several packets can be held at the entrance until it is clear “Everything is ok, on to the recipient.” Frequently, rules in the proxy are used to block active website content through the firewall in order to prevent the computer from being infected.

Modules for the detection of unauthorized interference (Intrusion Detection System, IDS for short) and also the prevention of unauthorized interference (Intrusion Prevention System, IPS for short) offer expansion options for a complex firewall. A firewall can also be an end point for a VPN tunnel.