Firewalls
Today, firewalls are an essential part of a network’s design. A firewall is a networking device, either hardware or software based, that controls access to your organization’s network. This controlled access is designed to protect data and resources from outside threats. To do this, firewalls are typically placed at entry/exit points of a network. For example, a firewall might be placed between an internal network and the Internet. After the firewall is in place, it can control access in and out of that point.
Although firewalls typically protect internal networks from public networks, they are also used to control access between specific network segments within a network. For example, you might place a firewall between the Accounts Department and the Sales Department.
As mentioned, firewalls can be implemented through software or through a dedicated hardware device. Organizations implement software firewalls through network operating systems (NOS) such as Linux/Unix, Windows servers, and Mac OS servers. The firewall is configured on the server to permit or block certain types of network traffic. In small offices and for regular home use, a firewall is commonly installed on the local system and configured to control traffic. Many third-party firewalls are available.
Hardware firewalls are used in networks of all sizes today. They are often dedicated network devices that can be implemented with very little configuration and protect all systems behind them from outside sources. Hardware firewalls are readily available and are often combined with other devices. For example, many broadband routers and wireless access points (WAPs) have firewall functionality built in. In such a case, the router or WAP may have a number of ports available to plug systems into.
Network Devices Summary
The information in this chapter is important for the Network+ exam. To summarize our coverage of network devices, we have placed some of the key points about each device in Table 3.3. You should learn this information well.
Review Break
Table 3.3 Network Devices Summary
| Device | Function/Purpose | Key Points |
| --- | --- | --- |
| Hub | Connects devices on an Ethernet twisted-pair network. | A hub does not perform any tasks besides signal regeneration. |
| Switch | Connects devices on a twisted-pair network. | A switch forwards data to its destination by using the MAC address embedded in each packet. |
| Bridge | Connects LANs to reduce overall network traffic. | A bridge allows or prevents data from passing through it by reading the MAC address. |
| Router | Connects networks together. | A router uses the software-configured network address to make forwarding decisions. |
| Gateway | Translates from one data format to another. | Gateways can be hardware or software based. Any device that translates data formats is called a gateway. |
| CSU/DSU | Translates digital signals used on a LAN to those used on a WAN. | CSU/DSU functionality is sometimes incorporated into other devices, such as a router with a WAN connection. |
| Network card | Enables systems to connect to the network. | Network interfaces can be add-in expansion cards, PCMCIA cards, or built-in interfaces. |
| ISDN terminal adapter | Connects devices to ISDN lines. | ISDN is a digital WAN technology often used in place of slower modem links. ISDN terminal adapters are required to reformat the data format for transmission on ISDN links. |
| WAP | Provides network capabilities to wireless network devices. | A WAP is often used to connect to a wired network, thereby acting as a link between wired and wireless portions of the network. |
| Modem | Provides serial communication capabilities across phone lines. | Modems modulate the digital signal into analog at the sending end and perform the reverse function at the receiving end. |
| Transceiver | A device that can be both a transmitter and a receiver of signals. | A transceiver is a device that functions as a transmitter and a receiver of signals such as analog or digital. |
| Firewall | Provides controlled data access between networks. | Firewalls can be hardware or software based and are an essential part of a network’s security strategy. |