DATA SECURITY USING FIREWALL
1.1 General Introduction
Computers and networking are now interwoven. Every second, a number of confidential transactions take place, and computers are now mostly utilised for data transmission rather than data processing. Measures are therefore needed to protect against viruses, prevent data hacking, and offer verified data transfer.
A firewall is a device or set of instruments that is designed to permit or deny network transmissions based on a set of rules and regulations, and that is frequently used to protect networks from unauthorised access while allowing legitimate communications to pass or during sensitive data transmission.
It is a collection of components that is located between two networks and filters traffic between them using some security policies.
A firewall can protect a local system or network systems from network-based security risks while also allowing access to the outside world via wide area networks and the internet (Bellovin, 2019).
Traditional firewalls (Conventional firewalls) are devices that are often positioned on the network's border and operate as a bouncer, letting only particular sorts of traffic in and out of the network.
They are also known as perimeter firewalls. They divide the network into two sections: trusted on one side and untrustworthy on the other.
As a result, they are significantly reliant on network topology. Furthermore, firewalls are a policy control technique that allows a site administrator to create an external access policy. Similarly to how file permissions impose an internal security policy, they can also enforce an exterior security policy.
Distributed firewalls are host-resident security software solutions that safeguard company network servers and end-user devices from unauthorised intrusion.
They have the advantage of filtering both Internet and internal network traffic. This allows them to prevent hacking assaults from both the Internet and the internal network. This is significant because the most expensive and destructive attacks still originate within the organisation.
Centralised administration is a feature of distributed firewalls. The capacity to populate servers and end-user machines, as well as create and “push out” uniform security policies, assists in making the most of limited resources. The capacity to centrally collect reports and keep updates makes dispersed security feasible.
Distributed firewalls are beneficial in two ways. First, end-user machines can be secured remotely. Second, they secure key network servers by preventing malicious code intrusion and “jailing” other similar code by not allowing the protected server to be utilised as a launch pad for wider attacks (Gatus, 2014).
They are typically put behind a regular firewall to give a second layer of defence. They function by allowing only necessary traffic into the machine they safeguard, while blocking all other types of traffic to prevent undesired intrusions.
Whereas the perimeter firewall must protect network servers with a generalist, lowest common denominator approach, distributed firewalls behave as specialists.
A firewall is a device or combination of instruments that allows or denies network transmissions based on a set of rules and regulations.
They are commonly used to secure networks from unauthorised access while allowing legitimate communications to pass or during sensitive data transmission.
Distributed firewalls enable the execution of security regulations on a network without limiting its topology from the inside or outside.
The use of a policy language and delegating its semantics to all network domain members facilitates the use of firewall technology in organisations where network devices communicate across insecure channels while still allowing a logical separation of hosts within and outside the trusted domain.
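The model described above, as an added example that is not part of the original text: a central policy is compiled into per-host rule sets, each host enforces its own rules with a default deny, and the result is compared with what a perimeter firewall would even get to inspect. The policy fields, host roles, addresses and flows are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    role: str   # host role the rule is delegated to (hypothetical policy field)
    src: str    # permitted source network, CIDR
    port: int   # permitted destination TCP port

# Constructed central policy: anything not listed is denied.
POLICY = [
    Rule("web", "0.0.0.0/0", 443),
    Rule("db", "10.0.1.0/24", 5432),  # only the web tier may reach the database
]
HOSTS = {"10.0.1.10": "web", "10.0.2.20": "db"}  # constructed inventory
INTERNAL = ipaddress.ip_network("10.0.0.0/8")    # the "trusted" side

def push_policy(policy, hosts):
    """Central administration: compile the policy into one rule set per host."""
    return {addr: [r for r in policy if r.role == role] for addr, role in hosts.items()}

def host_allows(rules, src, port):
    """Host-resident enforcement: default deny, allow only listed traffic."""
    s = ipaddress.ip_address(src)
    return any(s in ipaddress.ip_network(r.src) and port == r.port for r in rules)

def perimeter_sees(src, dst):
    """A perimeter firewall only inspects flows that cross the network border."""
    return (ipaddress.ip_address(src) in INTERNAL) != (ipaddress.ip_address(dst) in INTERNAL)

def evaluate(flows):
    per_host = push_policy(POLICY, HOSTS)
    return [{
        "flow": (src, dst, port),
        "perimeter_inspects": perimeter_sees(src, dst),
        "host_verdict": "allow" if host_allows(per_host[dst], src, port) else "deny",
    } for src, dst, port in flows]

# Constructed flows: (source, destination, destination port).
FLOWS = [
    ("203.0.113.7", "10.0.1.10", 443),  # Internet client -> web server
    ("10.0.1.10", "10.0.2.20", 5432),   # web tier -> database
    ("10.0.3.55", "10.0.2.20", 5432),   # internal workstation -> database
    ("10.0.3.55", "10.0.1.10", 22),     # internal workstation -> web server
]

if __name__ == "__main__":
    for result in evaluate(FLOWS):
        print(result)
```

The last two flows never cross the border, so a perimeter firewall does not inspect them, while the host-resident rules still deny them.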
In the previous three decades, the requirements for data security have experienced three key shifts. The emergence of the computer was the first major change. It became clear that files and information needed to be protected.
The generic term for a collection of instruments designed to secure data and prevent hacker attacks is computer security. The advent of distributed systems, networks, and communication facilities for data communication was the second major change.
To protect data during transmission, data security procedures are required. The current, rapid development of wireless networks and mobile communications is the third transition. As a result, data security is now a top focus (Jayesh, 2017).
1.2 The Evolution of Distributed Firewalls from Traditional Firewalls
A firewall is a device or combination of instruments that allows or denies network transmissions depending on a set of rules and regulations.
It is commonly used to secure networks from unauthorised access while allowing legitimate communications to pass or during sensitive data transmission. Distributed firewalls enable the enforcement of security regulations on a network without limiting its topology from the inside or outside (Li, Wei, 2020).
The use of a policy language and the centralised delegation of its semantics to all members of the network domain support the use of firewall technology for organisations in which network devices communicate over insecure channels while still allowing a logical separation of hosts in- and outside the trusted domain.
We explain the general notions of such distributed firewalls, their requirements and implications, and their appropriateness to prevalent Internet threats, as well as a brief discussion of current implementations.
A firewall is a set of components that sits between two networks and filters traffic based on some security policy.
The fundamental design of a firewall
The following are some issues with traditional firewalls that lead to Distributed Firewalls.
They depend on the network's topology.
They do not protect networks from internal attacks.
Protocols such as FTP and RealAudio are difficult for them to handle.
They have only one entry point, and its failure causes complications.
They are unable to prevent “spoofed” transmissions (those that use bogus source addresses).
To address these issues while keeping the benefits of traditional firewalls, the notion of “distributed firewall” is presented.
1.3 The Benefits and Drawbacks of Using Firewalls for Data Security
The introduction of distributed firewalls provided various solutions to difficulties that conventional firewalls could not readily address. The benefits of distributed firewalls are as follows (Jayshri, 2017):
One of the primary benefits of distributed firewalls is topological independence. Because network security is no longer dependent on network topology, it allows for greater freedom in creating the security perimeter. When necessary, the security perimeter can be readily extended to cover remote hosts and networks.
In contrast to traditional firewalls, network security no longer relies on a single firewall, which relieves issues such as performance bottlenecks and traffic congestion.
Furthermore, because a substantial amount of filtering is conducted at the end hosts, the load on the traditional firewall is minimised (Jayshri, 2017).
As previously stated, filtering some protocols such as FTP is difficult on a traditional firewall. Such a process is much easier on distributed firewalls since all of the necessary information is available at the decision point, which is typically the end host.
In terms of network administration, the quantity of outbound connections does not pose many challenges. Adding or deleting existing links has no effect on network security.
Similarly, backdoor connections formed by insiders, whether purposefully or unintentionally, do not introduce new threats to network security in distributed firewalls (Jayshri, 2017).
Benefits of Data Security:
Data protection aids in the security and protection of personal information.
It safeguards sensitive data such as commercial transactions and financial statements.
As a result, people are more likely to acquire commodities or services online, which improves revenue for businesses both offline and online.
It improves the quality of both stored data and data during transactions.
It is not dependent on any one technology. It is applicable to all.
It lowers the possibility of financial loss.
It keeps competitive companies from stealing company recipes, project/product information, and software.
Data Protection Drawbacks or Disadvantages
The following are the obstacles, limitations, and downsides of Data Protection implementation:
Consumers lose trust when data protection policies or procedures are inadequate. Furthermore, strict data protection has a negative impact on the digital economy.
As a result, data security must be optimised.
There is no single global data protection agreement.
Advances in technology and business practises threaten and influence data protection. The relationship between data security and internet behaviours is always shifting.
Maintaining data protection principles is costly and time-consuming.
Employees and stakeholders in business establishments must be trained through the provision of relevant training courses.
It is critical to employ suitable technical and organisational safeguards to prevent unauthorised or unlawful processing of personal data. This is quite difficult to handle.
Personal data shall not be transmitted to a nation or territory other than the one from which it originated. This is a violation of data protection rules unless the country maintains a sufficient level of data protection and data processing.