A firewall is a system designed to prevent unauthorized access to or from a private network. You can implement a firewall in either hardware or software form, or a combination of both. Firewalls prevent unauthorized internet users from accessing private networks connected to the internet, especially intranets.

Firewalls limit traffic from the internet to your computer, network, or web app. … However, anti-virus and firewalls aren’t the only ways to protect yourself against hack attacks. Hackers don’t just attack through malware or trojans, and they don’t just attack through accessing your network or web app.

Most modern PCs have far more than enough RAM, CPU speed, and I/O performance to work as a firewall for all but the largest or most heavily trafficked networks. Many large businesses did use off-the-shelf servers as their firewalls–I’ve worked at some of these companies and seen many such firewalls. A bargain PC won’t be your best choice, however, for a couple of reasons. First, you will want to be sure that the motherboard has a high-performance bus controller and that there are enough expansion slots to accomplish what you want. A single free PCI slot simply isn’t (usually) enough. Having few expansion slots is often also a sign that the system wasn’t designed for a long life and constant use. Less expensive motherboards simply are more likely to fail, and you don’t want the system burning out in 6 months! Power supplies are another cause of failure; you will want a sturdy power supply that exceeds the minimum needs, provides very reliable output, and will have a long life–it’s going to be running all the time.

Next you should consider network interface (NIC) options. Most of the time your motherboard will have a single 10/100BaseT Ethernet interface already built-in. This can either be a good thing or a bad thing. Sometimes these provide good performance–other times I’ve found they weren’t as good as my added cards. The main point here is that you will want one network interface for each physical network: two at a minimum. One for your internal (or protected) network, and another for the external (or Internet) network. As you’ll see in the design section, this is the minimum; you may want or need several more NICs. If you don’t have that many expansion slots on your motherboard bus, there are cards that have multiple Ethernet interfaces on a single card (two, or even four). While this may seem like a neat idea, I don’t usually recommend it because if that card fails, two (or four) networks go down rather than just one. Will you be able to replace a four-port card quickly if you don’t own a spare? If you are trying to imitate one of the small appliance firewalls, you’ll note that they often just have a single four-port Ethernet card, so it’s not a horrible idea–just one that isn’t ideal. You may want to use a gigabit (1000BaseT) Ethernet interface for your internal networks if you want or need the higher throughput. Home users might consider a Wi-Fi adapter for the internal interface since they may not have or want cabling connecting the firewall to the ideal spot for their wireless router or hub. Routing can become complex, and we’ll need to cover that in a follow-up article.