无论(Whether)是在您自己的系统上还是在带有网络安全元素的犯罪剧中,您无疑都听说过“防火墙”这个词。您的防火墙是计算机安全的重要组成部分,有助于阻止不需要的连接、潜在的黑客等。
有不同种类的防火墙和网络安全。要了解如何最好地保护您的个人数据,您首先需要了解防火墙是什么以及它的用途。
什么是防火墙?(What Is a Firewall?)
防火墙以在许多连接的家庭中发现的内墙命名,以防止火灾从一个家庭的空间移动到另一个家庭。以同样的方式,您计算机的防火墙会密切关注您网络中的流量并阻止未经授权的连接(blocks unauthorized connections)。
该术语首次出现在 1983 年的电影WarGames中,远在它用于实际计算之前。虽然尚不清楚该术语第一次正式使用的时间,但很容易看出该术语的演变。
在 80 年代后期,网络安全路由器可以过滤信息作为网络安全的早期形式。从那时起,出现了多种类型的防火墙,每种防火墙在网络安全方面都有不同的用途。
防火墙类型(Types of Firewalls)
基本上有六种不同类型的防火墙。所有防火墙都是基于软件或基于硬件的防火墙(hardware-based firewalls)。下面提到的大多数类型基本上只取决于防火墙规则和功能的工作方式,无论是软件还是硬件。
虚拟防火墙(Virtual Firewall)
虚拟防火墙也称为云防火墙。这是一种在“虚拟”环境中使用的网络保护,例如云或虚拟机中。这些防火墙的工作方式与硬件防火墙非常相似,但能够进行更彻底的定制以适应应用程序。
虚拟防火墙可以是高度特定于应用程序的,因为它只能用于一个特定的应用程序,而不能用于其他任何应用程序。在其他用途中,它可以保护云环境免受未经授权的流量。例如,像DropBox或 iCloud 这样的服务会使用虚拟防火墙来防止入侵。
代理防火墙(Proxy Firewall)
代理防火墙是一种较早、更原始的防火墙类型,缺乏更现代网络安全解决方案的更高级功能。在大多数情况下,代理防火墙使用基本过滤器保护 A 点和 B 点之间的流量。
代理防火墙将监控传入和传出流量并阻止任何不允许的连接。用更专业的术语来说,代理防火墙阻止应用层的连接,而不是网络或传输层。
统一威胁管理防火墙(Unified Threat Management Firewall)
统一威胁管理防火墙(Unified Threat Management Firewall)或UTM防火墙将防火墙功能与防病毒软件相结合。UTM防火墙不仅可以防止未经授权的流量,还可以监控各种不同的威胁。
UTM防火墙还可以监控基于电子邮件的攻击,以及远程工作带来的威胁。尽管如此,UTM防火墙的设计目的是更易于使用,并具有更简化的控制方案。
下一代防火墙(Next-Generation Firewall)
下一代防火墙或NGFW是一种更先进、更强大的防火墙。标准防火墙可能主要侧重于过滤数据包,而NGFW将该技术与高级入侵检测和其他功能相结合,以提供更高级别的保护。
在某些情况下,NGFW(NGFWs)利用人工智能来提供更好的网络安全性。这使他们能够提供更高级别的保护,但这种防火墙往往更常用于具有大型网络和数据库的公司环境中。
以威胁为中心的 NGFW(Threat-Focused NGFW)
如果NGFW是更高级的防火墙,那么以威胁为中心的NGFW是最高级的选择。它对网络有广泛的认识,知道最大的威胁在哪里,并且由于智能安全自动化,它可以响应潜在的攻击。
状态检查防火墙(Stateful Inspection Firewall)
状态检查防火墙(Inspection Firewall)是大多数现代系统上的标准防火墙类型,它根据连接的“状态”阻止流量。这称为“状态包检查”或“动态包过滤”。
换句话说,状态检查防火墙只允许具有正确状态的授权流量通过并阻止所有其他连接。它还根据端口和协议类型监控威胁。
你需要防火墙吗?(Do You Need a Firewall?)
在Internet(Internet)的早期,用户安装自己的个人防火墙(their own personal firewalls)作为抵御在线威胁的附加保护层的情况并不少见。然而,那些日子早已一去不复返了——不是因为缺乏威胁,而是因为防火墙随时可用。
Windows和 macOS都在操作系统中提供了内置防火墙,可提供大量保护。最重要的是,绝大多数无线路由器还以网络地址转换(Network Address Translation)的形式提供了另一层保护。
也就是说,即使您的操作系统有内置防火墙,您的计算机在公共网络上仍然容易受到攻击。如果您连接到机场Wi-Fi或在咖啡店的公共网络上跳跃,您需要的不仅仅是防火墙来阻止使用数据包嗅探器的人。
如果您经常使用不安全的 Wi-Fi(Wi-Fi)网络,请考虑投资虚拟专用网络(virtual private network)或VPN——它会(VPN—it)加密您的信息并防止其被窥探。这是在公共网络上访问银行信息或敏感数据的唯一安全方式。
您可以在系统上安装第三方防火墙(third-party firewall)以增加保护,但这不是绝对必要的。但是,如果您想确保您的系统受到保护,我们提供了适用于 Windows 10 的最佳防火墙列表,这些防火墙不是(best firewalls for Windows 10)默认防火墙软件(aren’t) Windows Defender。
防火墙这个话题与网络安全密切相关,并且很快就会成为一个技术性很强的话题,但要点是:防火墙很重要,但您可能已经可以通过您的操作系统和网络路由器访问多个防火墙。请(Just)记住,如果您出于任何原因(例如更新或补丁)选择禁用操作系统防火墙(choose to disable your OS firewall),请在完成后将其重新打开。
What is a Firewall and What’s Its Purpose?
Whether on уour own system or in crime dramas with а cyberseсurity element, you’ve no doubt heard the term “firewall.” Your firewall is an іmportant pаrt оf yoυr computer’s secυrity and helps keep out unwanted connections, potential hackerѕ, and more.
There are different kinds of firewalls and network security. To understand how to best protect your personal data, you need to first know what a firewall is and what it’s intended for.
What Is a Firewall?
Firewalls are named for the interior walls found in many connected homes that prevent fire from moving through spaces from one home to the next. In much the same way, your computer’s firewall keeps an eye on the traffic in your network and blocks unauthorized connections.
The term first appeared in the 1983 movie WarGames, well before it was ever used in actual computing. While it’s not clear the first time the term was used officially, it’s easy to see the evolution of the term.
In the late 80s, network security routers could filter information as an early form of network security. Since that time, multiple types of firewalls have emerged, each of which serve a different purpose with regard to cyber security.
Types of Firewalls
There are essentially six different types of firewalls. All firewalls are either software-based or hardware-based firewalls. Most of the types mentioned below basically just depend on how the firewall rules and features work, either in software or in hardware.
Virtual Firewall
A virtual firewall is also known as a cloud firewall. This is a type of network protection used within a “virtual” environment, such as the cloud or within a virtualized machine. These firewalls work much like hardware firewalls, but are able to be more thoroughly customized to fit the application.
A virtual firewall can be highly application-specific, in that it can work for one specific application and nothing else. In other uses, it can protect a cloud environment from unauthorized traffic. For example, a service like DropBox or iCloud would use a virtual firewall to protect against intrusion.
Proxy Firewall
A proxy firewall is an earlier, more primitive type of firewall that lacks the more advanced features of more modern network security solutions. In most cases, a proxy firewall protects traffic between point A and point B with basic filters.
A proxy firewall will monitor both incoming and outgoing traffic and block any connection that isn’t allowed. In more technical terms, a proxy firewall blocks connections at the application layer, rather than the network or transport layer.
Unified Threat Management Firewall
A Unified Threat Management Firewall, or a UTM firewall, combines firewall functionality with antivirus software. UTM firewalls protect against more than just unauthorized traffic and monitors for a variety of different threats.
UTM firewalls can also monitor for email-based attacks, as well as for threats borne through remote work. Despite this, UTM firewalls are designed to be easier to use, with more simplified control schemes.
Next-Generation Firewall
A next-generation firewall, or NGFW, is a much more advanced and powerful type of firewall. Where a standard firewall might focus primarily on filtering packets, a NGFW combines that technology with advanced intrusion detection and other features to provide next-level protection.
In some cases, NGFWs utilize artificial intelligence to provide better network security. This allows them to provide significantly more levels of protection, but this kind of firewall tends to be used more often in corporate environments with large networks and databases.
Threat-Focused NGFW
If a NGFW is a more advanced firewall, then a threat-focused NGFW is the most advanced option. It has broad awareness of the network to know where the largest threats lie, and it can respond to potential attacks thanks to intelligent security automations.
Stateful Inspection Firewall
A Stateful Inspection Firewall is the standard type of firewall found on most modern systems and blocks traffic based on the “state” of a connection. This is known as “stateful packet inspection,” or “dynamic packet filtering.”
In other words, a stateful inspection firewall allows only authorized traffic with the correct state to pass through and blocks all other connections. It also monitors threats based on port and protocol type.
Do You Need a Firewall?
In the early days of the Internet, it wasn’t unusual for users to install their own personal firewalls as an added layer of protection against online threats. However, those days are long gone now—not due to lack of threats, but because firewalls are readily available.
Both Windows and macOS provide built-in firewalls in the operating systems that offer a tremendous amount of protection. On top of that, the vast majority of wireless routers also provide another layer of protection in the form of Network Address Translation.
That said, even with a built-in firewall through your operating system, your computer can still be vulnerable on public networks. If you connect to airport Wi-Fi or hop on a public network in a coffee shop, you need more than just a firewall to stop someone with a packet sniffer.
If you routinely use unsecured Wi-Fi networks, consider investing in a virtual private network, or VPN—it encrypts your information and protects it against prying eyes. It’s the only secure way to access banking information or sensitive data while on a public network.
You can install a third-party firewall on your system for added protection, but it isn’t strictly necessary. However, if you want to make sure that your system is protected, we have a list of the best firewalls for Windows 10 that aren’t Windows Defender, the default firewall software.
The topic of firewalls connects heavily to network security and can quickly become a highly technical topic, but the takeaway is this: Firewalls are important, but you probably already have access to multiple firewalls through your OS and your network router. Just remember, if you choose to disable your OS firewall for any reason (like an update or patch), turn it back on after you finish.