What’s a Firewall?
A Firewall is a security device that can take the form of a software program or dedicated network appliance. It’s main purpose is to separate a secure area of your system or database from areas that are less secure, as well as to control communications between those two areas. While firewalls can actually perform several additional functions, they are primarily responsible for acting as a gatekeeper, controlling both inbound and outbound communications on everything from a single machine or an entire network.
Software firewalls, which are sometimes called “personal firewalls,” are designed to operate on a single computer. Network’s that primarily operate with the Small Office Home Office (SOHO) infrastructure often use personal firewalls to protect wired and wireless component. A software firewall seeks to stop unwanted access to the computer that is linked to a network connection by identifying and then preventing communications over questionable or risky ports.
Software firewalls also permit certain programs on a user’s computer to gain access to the Internet, most often only by the user’s express permission. In addition, there are times when software firewalls permit configurations of trusted zones, where unlimited communications are allowed in and out, over a wide variety of available ports.
A disadvantage of software firewalls is that they are software operating on a private computer, therefore if the underlying operating system becomes compromised then the firewall can be as well.
Hardware firewalls, by comparison, are far more complex. While they, too, incorporate software components, they either run on a specially-engineered network appliance or on a server optimized for the task of specifically running the firewall.
Hardware firewalls are often placed in areas that separate an organizations trusted network from the untrusted internet. An organization’s Blue Team configures network firewalls while the Red Team runs tests to check the efficacy of the solution configurations.
Threatcare, the leader in Proactive Data Security, offers the Threatcare Suite. The Suite is an Enterprise SaaS that acts as a virtual purple team. The Threatcare Suite can execute BAS (Breach and Attack Simulations) as well as a wide variety of other simulations to test your defense in depth.