## Hardware Firewall ::

A Hardware Firewall is a network device that is connected upstream from a server. The Firewall blocks unwanted traffic from a server before the traffic ever reaches the server. The main advantage to having a Hardware Firewall is that a server only has to handle ‘good’ traffic and no resources are wasted dealing with the ‘bad’ traffic.

## Configuring and Editing Rules of a Hardware Firewall :

Configuring a Firewall is as simple as creating a set of rules that allow access to certain IP addresses and ports from specific internet addresses.

When a Firewall is first added to a server, a set of rules is initially put in place that allows all traffic to reach the server. The rules can then be edited to control the traffic reaching the server. Rules are displayed in order, with lower-numbered rules taking precedence over higher-numbered rules.

From the Firewall management link, click on the ‘edit’ link for the Firewall to be configured. The page will display a block showing a tab with the current rules in effect plus several tabs containing templates customized for the server’s operating system.

At this point, links are available to edit the current rules or start fresh using a template. Once the user has chosen either to edit the current rules or to build a new configuration starting from a template, a list of rules is shown with an ‘edit’ button on each line. This list of rules is known as the ‘working config’. A ‘working config’ is a set of rules that is in the process of being created but has not yet been applied to the Firewall. A user may edit, add, and delete rules until the rule set is complete and then apply the rules to the Firewall, which puts the rule set into effect.

Clicking on the ‘edit’ button takes the user to a rule edit form.

The fields are:

 1. Order – this select list controls the order in which rules are evaluated.
 2. Action – this select list is used to ‘permit’ or ‘deny’ traffic matching this rule.
 3. Source IP – this IP address field can be either ‘any’ or a specific IP address (must be an IP, not a name).
 4. Source IP Mask – this select list is used when a range of IPs is required for a rule, usually set to ‘entire internet’.
 5. Destination Ports – these two fields allow selection of the port or port range for the rule (for one port, put the same port number in both fields).
 6. Protocol – this select list allows the rule to be applied only to a specific protocol (usually tcp).
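
The sketch below is an added example, not code from the firewall product described here. It models the six fields above and shows why rule order matters: the first matching rule in ascending order decides the action, and a later rule fully covered by an earlier one never fires. The `Rule` class, the function names, the CIDR form for IP plus mask, and the deny-when-nothing-matches default are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    order: int        # lower number is evaluated first
    action: str       # "permit" or "deny"
    source: str       # "any", or IP plus mask in CIDR form (assumed notation)
    port_lo: int      # destination port range; same value twice for one port
    port_hi: int
    protocol: str = "tcp"

    def net(self):
        return None if self.source == "any" else ipaddress.ip_network(self.source, strict=False)

    def matches(self, src_ip, dst_port, protocol):
        if protocol != self.protocol or not self.port_lo <= dst_port <= self.port_hi:
            return False
        return self.net() is None or ipaddress.ip_address(src_ip) in self.net()

def evaluate(rules, src_ip, dst_port, protocol="tcp", default="deny"):
    """First matching rule in ascending order wins; `default` is an assumption."""
    for rule in sorted(rules, key=lambda r: r.order):
        if rule.matches(src_ip, dst_port, protocol):
            return rule.action, rule.order
    return default, None

def shadowed(rules):
    """Return (rule, earlier_rule) order pairs where the later rule can never fire."""
    ordered, found = sorted(rules, key=lambda r: r.order), []
    for i, later in enumerate(ordered):
        for earlier in ordered[:i]:
            covers_ports = earlier.port_lo <= later.port_lo and later.port_hi <= earlier.port_hi
            covers_src = earlier.net() is None or (
                later.net() is not None and later.net().subnet_of(earlier.net()))
            if earlier.protocol == later.protocol and covers_ports and covers_src:
                found.append((later.order, earlier.order))
                break
    return found

# Constructed working config (documentation address ranges, not from the page).
WORKING_CONFIG = [
    Rule(10, "permit", "203.0.113.10/32", 22, 22),    # SSH from one admin host
    Rule(20, "deny",   "any",             22, 22),    # SSH from everyone else
    Rule(30, "permit", "any",             80, 80),
    Rule(40, "permit", "any",             443, 443),
    Rule(50, "permit", "198.51.100.0/24", 3306, 3306),
    Rule(60, "permit", "any",             22, 22),    # misplaced: rule 20 always wins
]
```

Running `shadowed()` over a working config before applying it catches rules that were added at the wrong position and therefore have no effect.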

## Common Ports Used by Applications :

FTP – 21
SSH – 22
Telnet – 23
SMTP – 25
DNS – 53
HTTP – 80
POP3 – 110
IMAP – 143
HTTPS – 443
MSSQL – 1433
MySQL – 3306
Remote Desktop – 3389
PostgreSQL – 5432
VNC Web – 5800
VNC Client – 5900
Urchin – 9999 or 10000

## Applying Rules :

Once the ‘working config’ is complete, press the ‘Apply Config’ button to have the ‘working config’ applied to the Firewall. The rules should take effect immediately.

## Bypassing the Firewall :

If a user wishes to have all traffic temporarily pass through the Firewall, a ‘Bypass’ button is available on many of the Firewall management pages. When a Firewall is in this mode, a rule is put in place to allow all traffic to pass through. The last set of applied rules is still stored and may be put back into effect at any time by re-applying the configuration. While in bypass mode, the status line on the Firewall management pages will display ‘bypassed’.

This is helpful to all ... 🙂 🙂 🙂

## Firewall

A firewall sits between a computer (or local network) and another network (such as the Internet), controlling the incoming and outgoing network traffic. With a firewall, the firewall’s rules determine which traffic is allowed through and which is denied. Without a firewall, anything goes.

### Why Computers Include Firewalls ::

Most people now use routers at home so they can share their Internet connection between multiple devices. Today’s router actually functions as a sort of hardware firewall due to its NAT (network address translation) feature, preventing unsolicited incoming traffic from reaching your computers and other devices behind your router. However, there was a time when many people plugged their computer’s Ethernet cable directly into their cable or DSL modem, connecting the computer directly to the Internet. A computer connected directly to the Internet has a publicly addressable IP; in other words, anyone on the Internet can reach it. Any network services you have running on your computer, like the services that come with Windows for file and printer sharing, remote desktop, and other features, would be accessible to other computers on the Internet.

A firewall running on the computer prevents people on the Internet from connecting to local network services on your computer. It also controls access to network services from other computers on your local network. That’s why you’re asked what type of network it is when you connect to one in Windows. If you connect to a Home network, the firewall will allow access to these services. If you connect to a Public network, the firewall will deny access.

Firewalls sit between a network (such as the Internet) and the computer (or local network) the firewall is protecting. A firewall’s main security purpose for home users is blocking unsolicited incoming network traffic, but firewalls can do much more than that. Because a firewall is sitting between these two networks, it can analyze all traffic reaching or leaving the network and decide what to do with it. For example, a firewall could also be configured to block certain types of outgoing traffic or it could log suspicious traffic (or all traffic).

A firewall could have a variety of rules that allow and deny certain types of traffic. For example, it could only allow connections to a server from a specific IP address, dropping all connection requests from elsewhere for security.

Firewalls can be anything from a piece of software running on your laptop (like the firewall included with Windows) to dedicated hardware in a corporate network. Such corporate firewalls could analyze outgoing traffic to ensure no malware was communicating through the network, monitor employees’ network use, and filter traffic. For example, a firewall could be configured to only allow web browsing traffic through the firewall, blocking access to other types of applications.