The importance of the information for the achievement of objectives and targets in an organization has led it to be considered in many cases, as the most important asset. Due to the value attached to it, the information is subject to various threats, such as theft, counterfeiting, fraud, disclosure and destruction for this reason and we will see why the importance of the firewall.
The risks to which such information is exposed lead to the need to develop trustworthy environments, but achieving this is a complex and multifactorial problem. For this reason, security approaches such as defense in depth have been developed.
One of these layers is the perimeter, the logical boundary that divides the corporate network from other networks, including the Internet. In the so-called perimeter security, the firewall continues to have validity as a network protection mechanism and has been an essential element since its appearance 25 years ago.
The importance of firewall is very high especially in work environments for all the risks that one is exposed and we will see why.
Main importance of firewall in work environment
The firewall operates as a filter that examines all packets that are directed towards the corporate network and compares the information in the header with previously established rules. If the IP address and port are valid according to the rules, the packet is delivered, otherwise it is discarded. The same operation is carried out with the packages that are sent from the interior to the Internet.
Therefore, by dropping packets that are not allowed and consequently avoiding connections that are not valid according to the rules, the firewall can prevent the spread of malicious code through the network.
However, it will not be able to protect against threats such as phishing or scam, since for the vast majority of organizations email is essential in their operations, so it is not blocked. Nor can it protect against a malware infection, whether it arrives as an attachment or through removable media.
Now, how are the filtering rules defined? Basically, connections are allowed or denied access based on criteria and rules that are defined. If a restrictive approach is applied, all connections are blocked except those that are explicitly allowed. Conversely, if you use a permissive approach, all connections are accepted except those that are explicitly restricted.
The firewall configuration depends largely on the approach used, as well as the services that are offered, the services required by the members of the organization to carry out their tasks and the assets that are intended to be protected.
