Skip to main content

How Does Firewall Help In Cyber Security?

how does firewall help in cyber security image
Credit: Pixabay
Do I Need A Firewall To Protect My Company's Data?

How does Firewall help in cyber security can be compared with the following incident. The situation is highly relevant to the online security AND setting boundaries for your Networks.

Picture an internet security firewall as the planet 'Jupiter.' According Astronomers: Jupiter is up to 9 times Bigger than earth, because it shields us from random flying objects in space.

The heroic planet is positioned at such an angle. That it conveniently prevents asteroids or comets; from hitting the world's surface.

Why do we need cyber security?

Because the internet has none, it's open to the general public And assign the same trust to genuine nodes equally as it's weakest node.

How Does Firewall Help In Cyber Security?

The related incident OR real life experience below; is NOT directly tied to the internet. However the relationship between the two situations are identical in nature.

In the same way that Network Security Firewalls don't accurately resembles, the actual traditional fireproof walls. Which was built as a boundary to prevent fire from spreading.

While a network firewall as a traffic-proof barrier. Designed to stop harmful or doubtful traffic from contaminating your network.

But the same way fire can destroy your property, so can malicious traffic destroy your resources.

Likewise are the story below related to data leaks to an unauthorized user. Which is an ideal example of how a 'tiny detail' can BE Bigger AND more costly; than you may Expect.

What is An Example Of A Cybersecurity Incident?

When I first started working in the Telecoms Industry;as a call centre consultant.

A cellphone number on call history of itemized billing, could have Been used against the customer.

It was all the evidence needed to destroy his reputation AND he could have sued the Company.

The Particular Call Lasted Up To 60 Minutes

The wife of the account holder contacted the call centre. Her call came through on my line. She was very well-manner.

And simply asked for a few numbers contacted from her husbands cellphone number.

On a specific date; between certain time frames.Which could be clearly seen on his itemized itemized billing. But according the Company's policy, I was not allowed to give it to her.

She Was A Secondary Account Holder:

A Primary Account Holder had an option to add a Secondary user's name. But even that only allowed the secondary person to limited information on their own number.

  • A secondary account holder could not activate additional services on behalf of the Primary user.
  • The could not get information on the Primary users number or accounts.
  • Their access were only restricted to basic account information on their own number.
How Harmful Can A Previously Dialed Cellphone Number Be?

This really didn't make any sense to me. I mean the lady spent almost an half an hour, or more.

Trying to convince me, that it's only a previously dialed number from her husband's cellphone. But had to stick to the Company policy and avoid all her advances.

The Reasons Behind Customer Privacy Protection:

After the call ended I consulted my supervisor. I just couldn't understand "Why" a simple number on her "husbands" contact number could be is highly regarded.

This Is How My Supervisor Explained The Security Policy:

He mentioned the reasons behind the madness OR at least What seemed as madness to me.

Firstly: The primary user can access view his call history OR itemized billing online.
I advised his wife on the above option. So if he wanted her to view details on his account, he could simply hand her his login details.
Secondly They could be filing for divorce OR experience some marital dispute.
This particular number could BE difference in their dispute. And serve as Evidence of some misconduct or disloyalty. Which is their problem, not the Company's.

The Danger Of Leaking Customer Information

The primary users wife could have used her confirmed evidence against him. By default this will backfire on the Company.

And Result In The Following Issues:
  1. Privacy Violation: The customer could lose money, property, credibility OR whatever was at stake. Meaning we destroyed a well-paying external stake holder.
  2. Lawsuits: The primary can file a lawsuit and the Company could lose thousands of dollars.
  3. Professional Reputation: For businesses to do well, reputation means everything. Customer Information leaks don't look good on an investment profile or professional entity.

The above is only an overview there are way more risks. Including losing my job, getting blacklisted from getting a job in the industry, or even worse imprisonment.

How Does Personal Information Leaks Relate To Cybersecurity?

Let's use the above story as an example. In the above case "a dialed number by a spouse" was the key evidence against the primary user.

It Relates To The Following Common Online Attacks:

Banking Account Login details: It's a no brainer "Why" attackers targets consumers instead of businesses. They save on the cost of attempting hit a "Company" by targeting unprotected consumers.

  1. There are many failed attempts which can be clearly seen if your use intuitive antivirus programs.
  2. Many Good antivirus software shows reports on its interface. Where can clearly see all the dangerous attempts to access your network; but were blocked.
  3. As you may already know that the internet is an information bank, where all the world's knowledge is saved.
Including your personal information:

So even someone who lack expertise can simply research a way to capture sensitive data.

One of the major problems of the internet is that it trusts and welcome everyone. Intellectual knowledge are readily available to every online citizen.

This means someone with online criminal intentions, can take advantage of any-to-any connections AND further their remote stealing plans.

Thus it's up to you to set your access restrictions on your home or business network.

What Are The Types Of Cybersecurity Attacks?

why do I need an internet security firewall for network picture
Mikechie Esparagoza from Pexels


When your connect to a platform, there is a two way conversation; between you AND the platform.

There is a possibility where a third party can unknowing come between the two-way conversation and listen to the discussion. Which is known as Eavesdropping.

As packets travels through several servers. A privileged user, smart software, automation OR special devices can be used; to expose the private connection's details to cybercriminals.

Data and Password Theft

Referred to as packet grabbers; which is a process where your online activities are spied upon.

  • With an automatic recording process that creates identical copies of all your private data; when it passes through a central point of the connection.
  • Password stealing programs follows the same process as the above, it saves your user details, similar like the 'remember me' process on a website. But in this case on a middle node.

A good example of password theft. Is managerial software OR technical support programs.

That provides special privileged for managers to monitor an employee's online activities on work stations.

Which comes in handy during investigations OR to access customer information if the employee is absent, etc.

The only difference in the case of "password grabbers" is that it's used with malicious intent OR it simply landed in the Wrong hands.

Most of these programs were created for Special Purposes AND with good intentions. Likewise is it intended for tertiary OR well-educated trained managers.

The Problem Only Comes In: When inexperience, ignorant OR criminal minded Folks gets access to these programs.

Which is sadly the case these days, because there ARE proprietary software information leaks. And anybody, anywhere can Get access to these intrusive programs; through the internet.

Strong Passwords Are Good: But NOT Enough these days. Because of powerful software like these are Scattered all over the Web. Which can easily BE obtained by any dangerous mind.

The Good News: Learning about these threats, which you are busy doing by reading this article. The first rule in cybersecurity is Knowledge about potential threats.

The Second Step is the eliminate these weaknesses One By One. Secure your network through encryption, install your internet security firewalls AND antivirus software programs.

What Is An Example Of A Cybersecurity Incident?

Address Spoofing: Is a process where you connect to a specific destination. Let's use you online banking facility OR online learning portal. Instead the IP is diverted to the cyber attackers look alike platform.

The origin address on an IP packet is important for reliable routing. However if it's tempered with through some automated system.

It can lead to situations where you treat the false destinations, as reliable sources. In doing so you may type your login details on a hacking portal.

This resorts to a process where you unknowingly give your details to the online manipulators.

The most common examples of address spoofing. Is when you receive an Attention Grabbing Email with a link:

  • It may a "Security Alert" from what appears as you online banking facility. Which looks professional AND trustworthy on the surface with logo, professional email address (with the banks name), etc.
  • Requesting you to change your password. Since suspicious activity was detected on your account.
  • The email may have a link (supposedly your banking website's address). When you click the link, it connects to a cloned (fake duplicate) website.
  • As a result you first have to access the account with previous user name AND password; before you change it.
  • Unknowingly you're connecting to a dummy platform, that simply records your login details. Which you willingly give to your attackers.

The address spoofing is NOT only restricted to emails. It can also be done on the internet.

Although some websites may have changed their addresses AND routes users to the new address. Others may be related to spoofing attacks.

1) Internet Security Firewalls: Can detect AND eliminate malicious links, traffic OR unreliable sources; from your path.

2) Some Antimalware Suits From Avast, ESET, AVG and many more reputable antivirus programs. Has intuitive online scanners that can also remove the obstacles.

Trojan Horses: Programs Whose Intentions are not consistent with their appearances

A Trojan Horse is something that may be considered useful like: Antivirus software, game, document, tool OR Smart App. While in the background it's a threat.

In computers it's considered lethal because it hides its malicious programs, behind its practical features. To such an extend where it can escape some malware scanners.

It's normally used in a combination with other malware, such as; spyware, rootkits and other viruses. They evolved into more advanced 3rd Generation Backdoor Trojans.

Which can easily Give an unauthorized user privileged access, escape detection AND take control of your network.

The criminals can safely browse your system, while you're connected and you wouldn't even notice it.

  • Trojan Horses can be hidden in your data traffic, because they are in harmony with most internet protocols.
  • They can move through your browser, files, images, PDF, emails, etc.
  • Trojans are usually well hidden in programs that triggers your download impulses, famous Applications and reputable online tools.

Once they on your system they can easily do what it was sent for. They are NOT really viruses. However they can BE mixed with viruses.

Normally a Trojan doesn't create duplicates of itself AND that sets it Apart from Macro Viruses.

But if they're mixed with viruses they may spread, because viruses creates copies if itself. So the fact that they ARE flexible makes them even more Undesirable AND difficult to remove.

Filters Prevents Dangerous Traffic

Filters help to purify data by allowing traffic from trustworthy zones, while untrustworthy data traffic.

If it detects that the information comes from a certified platform OR recognized network it may accept it as legit. But unknown systems or content are denied.

This is ideal measures for resisting fake websites AND spoofing. As it will measure the source on the criteria protocols, origin address AND may also operate on a combination of origin, protocol, and where it was sent to.

Filters Is Highly Recommended For Good Network Defense

It's emotional draining to perform online duties. While stressing about bad links OR network attacks. Filters will sort out your traffic AND restrict most of the unwanted threats.

One of the Major problems is separating OR recognizing disorderly data from genuine. Filters is an automated programs that works in your favor.

Filters checks incoming data by verifying where it comes from, the address it was set to AND quality of the traffic.

  • Filters prevents suspicious transmissions And only permit Traffic from trusted origins to flow.
  • If your allow filtering on originating address, it protects your network from permitting unreliable traffic altogether.

Wireless Routers Secures Your Network

Routers directs your network traffic AND they can be a powerful weapon in Cyberwars. There are several WAYS how routers Can protect your systems, as oppose to Modem only connects.

  • WiFi Routers provides easier networks for homes and business.
  • Setting up strong passwords of up to 15 mixed characters AND changing them ever 3 weeks, can prevent brute-force attacks.
  • The best place to put filters is your routers because they're are very much responsible for directing your networks traffic.

You can pretty much preserve your bandwidth, get better speeds, be more efficient. By managing your traffic, plus AVOID vulnerabilities of unknown sources.

Sort Packets by IP Address and Port

You can set specific rules to meet your internet security standards. This requires you to make smart traffic decisions. This can be accomplished by using origin, protocol AND destinations is a measuring factor.

For example filters through which a links is passed for purification. Are determined by which ports connections originates from And where its directed.

The IP address of a connection may be paired with a dedicated port, the same applies to certain emails AND their respective destination.

This process helps to quality legitimacy of traffic and also restrict it from Going elsewhere.

Efficiency, quality and safer online experiences are therefore supported. Instead of wasting resources on contaminated sources.

A Set Of Rules Defining How To Transmit Or Exchange Information, Across The Internet:

The internet are bulit on protocols, which are necessary for security, directing data and moving packets

Organizing and managing your throughput protocols, can lift your networks security levels higher.

Because traffic that doesn't meet basic standards would do you more harm, then help. There use your resources wisely by totally eliminating poor quality distractions.

Internet Security Firewalls

A most basic description of Firewalls is that it is a barrier between your network and the public internet. Let's explain it by the classes of information.

Let's categorize it in 3 Classes:
  • 1st Random data: Those are the type of information that are opinionated, free and all over the net.
  • 2nd Standard data: This type are factual, citations and references. Which makes it of a higher-quality then the first.
  • 3rd Premium data: Are usually very expensive, proven, tested and tried. It's the types that we pay for, for example: Scientific researched data, College educational content, medical breakthroughs, etc.
What If You Could Only Allow Good Information To Pass, While Rejecting junk?

This can be accomplished through connecting security hardware and software layers, known as firewalls. Now that sounded very simple! Right?

  • Firewalls are complex systems connected to your network AND the setup of it are different from network to network.
  • There are suitable policies that first has to put in place, before setup. Because it all depends on whether your network is new or already operational.
  • It protects malicious traffic from inside AND outside your network. As a result it maintains high quality network standards AND prevents threats.
Firewalls ARE Software And Hardware Products:

There are many are many products marketed as software based firewalls. Although they may be well-versed security products, they're not really the same in context.

  • Firewall Setups Requires IT Specialist: there are a lot more factors involved as simply buying something online.
  • Firewalls Are Sold By Consultation: It's NOT A one size fits all solution. There are many pointers to consider, discussing: Policies, existing systems, devices, Operating Systems, etc. Is only the tip of the iceberg.

Good Internet Security Firewalls Are Both Software And Hardware Versions

A robust firewall should be able to resist fire (dangerous traffic) equally; whether they are software OR hardware based.

  1. Software Protection: Is to prevent those attacks that may target your Windows Operating Systems, iOS, browsers, etc.
  2. Hardware Protection: Is for threats that may NOT comes directly from sources linked to your OS.
  3. Hardware based Protection are crucial for those threats originating from ports, or powerful burst of random traffic during peak hours.
Which may be Overwhelming For Software Stand Alone Internet Security

There are advantages AND disadvantages in every product. The same applies to hardware only OR software only protection.

There ARE just some laws of physics that can't be Manipulated. All these factors should be taken into Account.

For Example:
  1. Software versions may have to be installed on all the devices on your network.
  2. Hardware versions may miss attacks directed to your Operating Systems.
  3. Pair the two versions: Then you came up with a more solid combination to overcome opportunistic infiltration of malware threats.
A Network Firewall Will Less Likely Be Programmed To Disallow All Traffic...

At the cost of attempting to void threats. The profit of quality traffic is prioritized. Even in cases where some suspicious sources may be included.

Now each network carries its own burdens, threats AND weaknesses. This makes it irrelevant to Create A One size firewall package.

Network Firewalls Are Not Restricted To Two Levels

There can be many other shades between trusted zones AND bad zones.

To arrange the trust value of specific categories. Each interface is therefore allocated a security level in digital format OR colors.

For example there may be numbers ranging from 100 to 0. Where the digital value of hundred will be the most trusted sources.

While and digit lower like 90 a bit less trusted and 0 being malicious.

The ultimate goal is to decontamination or keep traffic standards high. So logically secure traffic from a higher rank, to lower value is sometimes permitted, as a default setting.

On the other hand lower security values to higher security destinations, must be configured OR authorized.

Firewall Services Falls Under The Following Categories:
  1. Proxying
  2. Packet Filtering
  3. Stateful Packet Inspection
  4. Network Address Translation (NAT)

Since data traffic or broadcasting is the top priority of the internet. Packet Filtering is the most prioritized service of firewalls.

Packets are purified by a filtering process as a result it can be permitted to pass through, or ultimately denied access. A Network Firewall Has A Wide Variety Of Range Specification:

  • The source address where the connection originates.
  • The Destination address where the packets are transferred to.
  • The Protocol Type examples such as: IP, TCP, CMP, FTP, SMTP, and so on.

Even after an internet security specialist confirmed your business requirements, policies, systems AND overall operations.

They still have to go a few levels deeper to merge their most suitable internet security solutions; with your organization.

Firewall helps to eliminate random threats in terms of cyber security. Keeping in mind that the internet's existence, essence OR entirety is built on vulnerabilities.