MikroTik Certified Internetworking Engineer (MTCINE)
8.1 Firewall Basics Explained

Key Concepts

1. Firewall Overview

A firewall is a network security device that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between a trusted internal network and untrusted external networks, such as the internet.

Example: Think of a firewall as a security guard at the entrance of a building. Just as a security guard controls who enters and exits, a firewall controls which network traffic is allowed to pass.

2. Types of Firewalls

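There are several types of firewalls, each with its own strengths and weaknesses: packet filtering firewalls, stateful inspection firewalls, proxy firewalls, and next-generation firewalls (NGFW).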

Example: Consider different types of security systems in a building. A packet filtering firewall is like a basic door lock, a stateful inspection firewall is like a security camera that tracks who enters and exits, a proxy firewall is like a receptionist who screens visitors, and an NGFW is like a comprehensive security system with cameras, alarms, and access control.

3. Firewall Rules

Firewall rules define the conditions under which network traffic is allowed or denied. These rules are based on criteria such as source IP address, destination IP address, port number, protocol, and time of day.

Example: Think of firewall rules as a set of instructions for a security guard. Just as a security guard follows specific instructions to allow or deny entry, a firewall follows predefined rules to allow or deny network traffic.

4. Stateful vs. Stateless Firewalls

Stateful firewalls maintain information about the state of active connections, allowing them to make more informed decisions about incoming and outgoing traffic. Stateless firewalls, on the other hand, do not maintain connection state and make decisions based solely on individual packets.

Example: Consider a stateful firewall as a security guard who remembers who has entered and exited the building. A stateless firewall is like a guard who only checks each person's credentials without remembering previous interactions.
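The difference can be shown with a small model. This is an added example, not part of the original course material or of RouterOS. The addresses, the `Packet` type and the rule "accept inbound TCP from source port 443" are assumptions chosen for illustration, and the model ignores TCP flags and connection timeouts.

```python
from dataclasses import dataclass

LAN_PREFIX = "192.168.88."  # constructed internal network for this example

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

def is_internal(ip: str) -> bool:
    return ip.startswith(LAN_PREFIX)

def stateless_filter(pkt: Packet) -> str:
    """Judge each packet alone; no memory of earlier traffic."""
    if is_internal(pkt.src):
        return "accept"  # outbound traffic is allowed
    # Replies can only be recognised by guessing from the source port.
    if pkt.proto == "tcp" and pkt.sport == 443:
        return "accept"
    return "drop"

class StatefulFirewall:
    """Remembers outbound flows and admits only their replies."""
    def __init__(self) -> None:
        self.connections = set()

    def filter(self, pkt: Packet) -> str:
        if is_internal(pkt.src):
            self.connections.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "accept"
        # Inbound: accept only if it mirrors a tracked outbound flow.
        mirrored = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "accept" if mirrored in self.connections else "drop"

# Constructed sample traffic (documentation address ranges).
OUTBOUND = Packet("192.168.88.10", 50000, "203.0.113.5", 443)
REPLY = Packet("203.0.113.5", 443, "192.168.88.10", 50000)
UNSOLICITED = Packet("198.51.100.7", 443, "192.168.88.10", 22)

def compare() -> dict:
    """Return (stateless, stateful) verdicts for each sample packet."""
    fw = StatefulFirewall()
    return {name: (stateless_filter(p), fw.filter(p))
            for name, p in [("outbound", OUTBOUND), ("reply", REPLY),
                            ("unsolicited", UNSOLICITED)]}
```

Both filters pass the outbound request and its reply, but only the stateful one drops the unsolicited inbound packet, because that packet matches no connection the internal host opened.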

5. NAT and Firewalls

Network Address Translation (NAT) is a technique used to modify IP address information in packet headers. NAT can be used in conjunction with firewalls to enhance security by hiding internal IP addresses and reducing the number of public IP addresses required.

Example: Think of NAT as a cloak that hides the identities of people inside a building. Just as a cloak can protect individuals from being seen, NAT can protect internal IP addresses from being exposed to external networks.