Jan. 12, 2011, 8:50 a.m.
posted by andy
What Is a Firewall?
When most people think of a firewall, they think of a device that resides on the network and controls the traffic that passes between network segments, such as the firewall in Figure (a network-based firewall). However, firewalls can also be implemented on systems themselves, such as with Microsoft Internet Connection Firewall (ICF), in which case they are known as host-based firewalls. Fundamentally, both types of firewalls have the same objective: to provide a method of enforcing an access control policy. Indeed, by the simplest definition, firewalls are nothing more than access control policy enforcement points.
A Network Firewall Enforcing Access Controls
Firewalls enable you to define an access control requirement and ensure that only traffic or data that meets that requirement can traverse the firewall (in the case of a network-based firewall) or access the protected system (in the case of a host-based firewall). Figure illustrates how you can use a network-based firewall to allow only traffic that is permitted to access protected resources.