When it comes to firewalls, I believe everyone is familiar with them. After all, in the Internet age, firewalls are used everywhere. Today, the JTTI editor will introduce what a network-level firewall is, what the general characteristics of a firewall are, and what distinguishes a good firewall. Follow along to learn how firewalls work and how to use them to better ensure safe network use.
What is a network-level firewall?
A network firewall is a dedicated network interconnection device used to strengthen access control between networks. All network traffic flowing into and out of the protected computers must pass through it. The firewall inspects the traffic passing through it, so that some attacks can be filtered out before they reach the target computer. The firewall can also close unused ports, prohibit outbound communication from specific ports (one way of blocking Trojans), and prohibit access from specific sites, thereby cutting off all communication from unknown intruders.
In the world of the network, what the firewall filters are the packets that carry the communication data. The so-called "firewall" refers to a method of separating an intranet from a publicly accessible network (such as the Internet); it is essentially an isolation technology. A firewall is an access control measure applied when two networks communicate: it lets the people and data you "agree" to into your network, keeps out the people and data you "disagree" with, and prevents attackers on the outside network from reaching your network to the greatest extent possible.
In other words, without going through the firewall, people inside the company cannot reach the Internet, and people on the Internet cannot communicate with people inside the company.
In short, the main role of a firewall is to define the network security boundary, securely isolate key systems from the external environment, and protect the internal network from external attacks. Compared with the traditional use of routers for protection, it offers richer security defense strategies and improves the datagram forwarding rate under those strategies. Since firewalls sit on the security boundary, they usually also provide functions such as NAT, and are more capable than routers in this respect.
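The behaviour described in this section (every packet crossing the boundary is checked against an ordered policy, unused ports are closed, outbound traffic from a chosen port is blocked, a specific external site is shut out, and every decision is recorded) can be written down as a small stateless packet filter. The following is an added example and not code from the JTTI article; the address ranges, port numbers and rule names are constructed for illustration.

```python
"""Stateless packet filter: every packet crossing the boundary is checked against
an ordered policy, and anything not explicitly allowed is dropped.
Added example; addresses, ports and rule names are constructed."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    direction: str  # "in" = external -> internal, "out" = internal -> external
    proto: str      # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    comment: str                     # why the rule exists (appears in the audit log)
    direction: Optional[str] = None  # None matches either direction
    proto: Optional[str] = None
    src: Optional[str] = None        # CIDR block, e.g. "203.0.113.0/24"
    sport: Optional[int] = None
    dst: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        """Every field that is set in the rule must match the packet."""
        if self.direction is not None and self.direction != p.direction:
            return False
        if self.proto is not None and self.proto != p.proto:
            return False
        if self.src is not None and ip_address(p.src) not in ip_network(self.src):
            return False
        if self.dst is not None and ip_address(p.dst) not in ip_network(self.dst):
            return False
        if self.sport is not None and self.sport != p.sport:
            return False
        if self.dport is not None and self.dport != p.dport:
            return False
        return True


INTERNAL = "10.0.0.0/8"           # constructed: the protected intranet
HOSTILE_SITE = "198.51.100.0/24"  # constructed: an external site to be shut out
BACKDOOR_PORT = 12345             # constructed: a source port a backdoor is assumed to use

# First matching rule wins, so the order matters: denies go before the allows.
POLICY: List[Rule] = [
    Rule("deny", "block all traffic from a known-hostile site", src=HOSTILE_SITE),
    Rule("deny", "no outbound traffic from the backdoor's port", direction="out", sport=BACKDOOR_PORT),
    Rule("allow", "public HTTPS service", direction="in", proto="tcp", dst=INTERNAL, dport=443),
    Rule("allow", "inbound mail", direction="in", proto="tcp", dst=INTERNAL, dport=25),
    Rule("allow", "internal users browsing", direction="out", proto="tcp", src=INTERNAL, dport=443),
    Rule("allow", "internal DNS lookups", direction="out", proto="udp", src=INTERNAL, dport=53),
]


def decide(p: Packet, policy: List[Rule] = POLICY) -> Tuple[str, str]:
    """Return (action, reason). Packets matching no rule hit the implicit default
    deny, which is what 'closes' every port that no allow rule mentions."""
    for rule in policy:
        if rule.matches(p):
            return rule.action, rule.comment
    return "deny", "default deny: no rule matched"


def filter_packets(packets: List[Packet], policy: List[Rule] = POLICY) -> List[str]:
    """Apply the policy to a batch and return one audit-log line per packet."""
    log = []
    for p in packets:
        action, reason = decide(p, policy)
        log.append(f"{action.upper():5} {p.direction:3} {p.proto} "
                   f"{p.src}:{p.sport} -> {p.dst}:{p.dport} ({reason})")
    return log


if __name__ == "__main__":
    sample = [  # constructed traffic
        Packet("in", "tcp", "203.0.113.5", 50000, "10.0.1.20", 443),   # allowed service
        Packet("in", "tcp", "203.0.113.5", 50001, "10.0.1.20", 23),    # unused port: closed
        Packet("in", "tcp", "198.51.100.9", 50002, "10.0.1.20", 443),  # hostile site
        Packet("out", "tcp", "10.0.1.20", BACKDOOR_PORT, "203.0.113.5", 443),
        Packet("out", "tcp", "10.0.1.20", 40000, "203.0.113.5", 443),  # normal browsing
    ]
    print("\n".join(filter_packets(sample)))
```

The important design point is the last line of `decide`: the policy is default-deny, so a port is "closed" simply by not being listed, and adding a new service means adding an explicit allow rule rather than removing a block.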
What we usually call a network firewall is a metaphor borrowed from the firewalls that were originally built to stop fires from spreading. It refers to a defense system that isolates the local network from the external network. A firewall can isolate an enterprise's internal local area network (LAN) from the Internet or other external networks, limiting network access in order to protect the internal network. A typical firewall has the following three basic characteristics:
(I) All network data flowing between the internal network and the external network must pass through the firewall
This is the network location characteristic of the firewall, and it is also a prerequisite: only when the firewall is the sole channel for communication between the internal and external networks can the enterprise network be fully and effectively protected from intrusion.
According to the "Information Assurance Technology Framework" formulated by the National Security Agency of the United States, the firewall applies to the boundary of the user's network system and belongs to the class of security protection devices for the user network boundary. The so-called network boundary is the connection between two networks with different security policies, such as the connection between the user network and the Internet, the network connection to other business units, and the connections between different departments within the user's internal network. The purpose of the firewall is to establish a security control point at the network connection, and to audit and control the services and accesses entering and leaving the internal network by allowing, denying or redirecting the data flow that passes through the firewall.
The typical firewall system network structure is shown in the figure below. As can be seen from the figure, one end of the firewall is connected to the LAN within the enterprise or institution, and the other end is connected to the Internet. All communication between the internal and external networks must pass through the firewall.
[Figure: typical firewall system network structure, with the firewall placed between the enterprise LAN and the Internet]
(II) Only data flows that comply with the security policy can pass through the firewall
The most basic function of a firewall is to ensure the legitimacy of network traffic and, under this premise, to forward that traffic quickly from one link to another. The earliest firewall model was the "dual-homed host": a machine with two network interfaces and two network-layer addresses. The firewall receives traffic from the network through the corresponding interface, passes it up through the layers of the OSI protocol stack, applies the access rules and security checks at the appropriate protocol layer, and then sends the messages that meet the pass conditions out through the corresponding network interface, while blocking those that do not. From this perspective, therefore, a firewall is a multi-port (two or more network interfaces) forwarding device similar to a bridge or router: it spans several separate physical network segments and inspects messages as part of the forwarding process. As shown below:
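The dual-homed host described above can be modelled in a few dozen lines: a frame arrives on one of two interfaces, the IPv4 header and then the TCP header are decoded in order, the access check is applied at the transport layer, and only compliant packets are handed to the opposite interface. This is an added example, not code from the article; the interface names, the 10.0.0.0/8 intranet, the set of published ports and the test frames are constructed, and checksums are not validated.

```python
"""A dual-homed firewall host in miniature: decode layer 3, then layer 4, apply
the rules, and forward compliant frames to the other interface.
Added example; interfaces, addresses and the open-port list are constructed."""
import struct
from ipaddress import ip_address, ip_network
from typing import Any, Dict, Optional

OPPOSITE = {"eth0": "eth1", "eth1": "eth0"}  # constructed: eth0 = external, eth1 = internal
INTERNAL = ip_network("10.0.0.0/8")          # constructed: the protected intranet
INBOUND_OPEN_PORTS = {25, 443}               # constructed: services the intranet publishes
TCP_SYN = 0x02


def build_ipv4_tcp(src: str, sport: int, dst: str, dport: int, flags: int) -> bytes:
    """Construct a minimal IPv4 + TCP header pair for test traffic (checksums left zero)."""
    def ip_bytes(a: str) -> bytes:
        return bytes(int(o) for o in a.split("."))
    tcp = struct.pack("!HHIIHHHH", sport, dport, 0, 0, (5 << 12) | flags, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0x4000, 64, 6, 0,
                     ip_bytes(src), ip_bytes(dst))
    return ip + tcp


def parse_ipv4_tcp(frame: bytes) -> Dict[str, Any]:
    """Walk up the stack: IPv4 first, then TCP. Anything malformed raises ValueError."""
    if len(frame) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, _tlen, _id, _ff, _ttl, proto, _csum, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", frame[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not IPv4")
    ihl = (ver_ihl & 0x0F) * 4            # header length in bytes (options included)
    if ihl < 20 or len(frame) < ihl:
        raise ValueError("bad IHL")
    if proto != 6:
        raise ValueError("not TCP")
    tcp = frame[ihl:ihl + 20]
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, _seq, _ack, off_flags, _win, _tcsum, _urg = struct.unpack("!HHIIHHHH", tcp)
    return {
        "src": ".".join(map(str, src)), "sport": sport,
        "dst": ".".join(map(str, dst)), "dport": dport,
        "flags": off_flags & 0x1FF,
    }


def forward(ingress: str, frame: bytes) -> Optional[str]:
    """Return the egress interface for a compliant frame, or None to drop it."""
    if ingress not in OPPOSITE:
        return None
    try:
        hdr = parse_ipv4_tcp(frame)
    except ValueError:
        return None                        # malformed traffic never crosses the boundary
    src_internal = ip_address(hdr["src"]) in INTERNAL
    dst_internal = ip_address(hdr["dst"]) in INTERNAL
    if ingress == "eth0":                  # external -> internal
        if src_internal or not dst_internal:
            return None                    # internal source on the outside interface: spoofed
        if hdr["dport"] not in INBOUND_OPEN_PORTS:
            return None                    # port not published: stays closed
    else:                                  # internal -> external
        if not src_internal or dst_internal:
            return None                    # not a genuine outbound packet
    return OPPOSITE[ingress]


if __name__ == "__main__":
    cases = {  # constructed frames
        "inbound to published port": ("eth0", build_ipv4_tcp("203.0.113.5", 40000, "10.0.1.20", 443, TCP_SYN)),
        "inbound to closed port":    ("eth0", build_ipv4_tcp("203.0.113.5", 40001, "10.0.1.20", 23, TCP_SYN)),
        "spoofed internal source":   ("eth0", build_ipv4_tcp("10.0.0.7", 40002, "10.0.1.20", 443, TCP_SYN)),
        "outbound browsing":         ("eth1", build_ipv4_tcp("10.0.1.20", 50000, "203.0.113.5", 443, TCP_SYN)),
        "truncated frame":           ("eth0", b"\x45\x00\x00"),
    }
    for name, (iface, frame) in cases.items():
        print(f"{name:28} {iface} -> {forward(iface, frame)}")
```

Two things in `forward` go beyond what the article states and are the checks a practitioner would add to a dual-homed host: a frame that arrives on the external interface but carries an internal source address is dropped as spoofed, and any frame the parser cannot decode is dropped rather than forwarded.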
(III) The firewall itself should be highly resistant to attack
This is a prerequisite for the firewall to take on the important task of protecting the enterprise's internal network. The firewall sits at the edge of the network, like a border guard, facing hacker intrusions at all times, so it must itself have very strong anti-intrusion capability. The key to that strength is the firewall's operating system: only an operating system with a complete trust relationship can provide a basis for system security. Secondly, the firewall itself runs very few services: apart from the dedicated embedded firewall system, no other applications run on it. Of course, this security can only be described as relative.
What are the general characteristics of the firewall?
Firewalls can enforce security policies: because millions of people collect and exchange information on the Internet every day, there will inevitably be some with bad intentions or who violate the rules. The firewall acts as a "traffic police" that stops such misbehaviour. It executes the site's security policy and only allows "approved", rule-compliant requests to pass.
Prevent vulnerable services: firewalls can greatly improve enterprise network security and reduce the risk to host systems on subnets by filtering out unsafe services.
Firewalls can effectively record activity on the Internet: because all inbound and outbound information must pass through the firewall, firewalls are very well placed to collect information about the use and misuse of systems and networks. As the only point of access, the firewall can record all traffic between the protected internal enterprise network and the external network.
Enhanced confidentiality: firewalls can be used to separate one network segment from another. In this way, problems affecting one segment can be prevented from spreading across the entire network.
Firewalls are a security policy checkpoint: all inbound and outbound information must pass through the firewall, so the firewall becomes the checkpoint at which security issues are caught and suspicious access is denied.
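Because the firewall is the single point every inbound and outbound packet must cross, its log is the natural place to look for misuse, as the list above notes. The following added example (not code from the article) parses a constructed firewall audit log and derives two simple signals from it: an external source that has been denied on many distinct internal ports, and an internal host whose outbound traffic is being blocked, which is a hint that something on that host is trying to reach out. The log format and every sample line are constructed for illustration.

```python
"""Deriving detection signals from the firewall's audit log.
Added example; the log format and the sample lines are constructed."""
import re
from collections import defaultdict
from typing import Dict, List, Set

# Constructed format: "<timestamp> ALLOW|DENY in|out <proto> <src>:<sport> -> <dst>:<dport>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<action>ALLOW|DENY)\s+(?P<dir>in|out)\s+(?P<proto>\w+)\s+"
    r"(?P<src>[\d.]+):(?P<sport>\d+)\s*->\s*(?P<dst>[\d.]+):(?P<dport>\d+)$"
)

SAMPLE_LOG = """\
2024-05-01T10:00:01 ALLOW in tcp 203.0.113.5:50000 -> 10.0.1.20:443
2024-05-01T10:00:02 DENY in tcp 198.51.100.9:51000 -> 10.0.1.20:22
2024-05-01T10:00:02 DENY in tcp 198.51.100.9:51001 -> 10.0.1.20:23
2024-05-01T10:00:03 DENY in tcp 198.51.100.9:51002 -> 10.0.1.20:3389
2024-05-01T10:00:03 DENY in tcp 198.51.100.9:51003 -> 10.0.1.20:445
2024-05-01T10:00:04 DENY in tcp 198.51.100.9:51004 -> 10.0.1.20:8080
2024-05-01T10:00:05 DENY in tcp 203.0.113.77:40000 -> 10.0.1.20:22
2024-05-01T10:00:06 ALLOW out udp 10.0.1.20:53000 -> 192.0.2.53:53
2024-05-01T10:00:07 DENY out tcp 10.0.1.33:12345 -> 203.0.113.5:443
this line is garbage and must not crash the parser
"""


def parse_log(text: str) -> List[Dict[str, str]]:
    """Return one record per well-formed line; unparseable lines are skipped."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            records.append(m.groupdict())
    return records


def denied_ports_by_source(records: List[Dict[str, str]], direction: str = "in") -> Dict[str, Set[int]]:
    """Map each source address to the set of destination ports it was denied on."""
    ports: Dict[str, Set[int]] = defaultdict(set)
    for r in records:
        if r["action"] == "DENY" and r["dir"] == direction:
            ports[r["src"]].add(int(r["dport"]))
    return dict(ports)


def probing_sources(records: List[Dict[str, str]], min_ports: int = 5) -> List[str]:
    """External sources denied on at least `min_ports` distinct internal ports:
    one connection to a closed port is noise, many in a row is worth a look."""
    return sorted(src for src, p in denied_ports_by_source(records, "in").items()
                  if len(p) >= min_ports)


def internal_hosts_denied_outbound(records: List[Dict[str, str]]) -> Dict[str, int]:
    """Internal hosts whose outbound traffic was blocked, with a count each.
    These are the hosts to check for unwanted software trying to call out."""
    counts: Dict[str, int] = defaultdict(int)
    for r in records:
        if r["action"] == "DENY" and r["dir"] == "out":
            counts[r["src"]] += 1
    return dict(counts)


if __name__ == "__main__":
    recs = parse_log(SAMPLE_LOG)
    print(f"{len(recs)} records parsed")
    print("sources probing many closed ports:", probing_sources(recs))
    print("internal hosts with blocked outbound:", internal_hosts_denied_outbound(recs))
```

The threshold in `probing_sources` is deliberately a parameter: the right value depends on how noisy the boundary normally is, and counting distinct ports rather than raw denies keeps a single misconfigured client that retries one port from being flagged.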
The above is the editor's introduction to the network-level firewall. In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic. It is effective at preventing network attacks, so learning to use firewalls sensibly and in a standardized way can effectively prevent malicious intrusions.