The primary approach of using a Firewall is to deal with numerous point regarding security of your Server or Host. A firewall imposes restrictions on incoming and outgoing packets to and from the private network. All the traffic, whether incoming or outgoing, must pass through the firewall, and only authorized traffic is allowed to pass through it. Apart from it a Firewall imposes certain benefits. Some of the segments that covers under these benefits are:
1. Overall controlled Access to site systems
A firewall act as a barrier to control access over to a site system. This can be explained by the example that if some host can be made reachable from outside networks, whereas others can be effectively sealed off from unwanted access. A site could prevent outside access to its hosts except for special cases such as mail servers or information servers. Thus providing a filtering system which enables only those that meet the access policy
2. Concentrated Security
A firewall remains the better choice for organizations willing to cut costs on their security mechanism, because it allows them to implement a parallel software on all hosts instead of implementing one individually. Simply put, it becomes easier to set unique security credentials on the firewall itself, and it works on all systems accessing the network. Firewall is also a better option because it requires less installation and maintenance costs, unlike other solutions like Kerberos [NIST94C] that demands individual modification on each host. Despite of the fact that Kerberos and other security mechanisms have their added benefits over Firewall, the letter one remains more popular due to its simplicity, specialization and less costs.
3. Enhance system privacy
Privacy is one of the crucial factors that must be taken care as innocuous information might contain clue that termed to be very helpful to hackers or attackers. Since to overcome these factors and grab a much effective security value, a firewall comes in action. They help in blocking services that can be helped in leaking this information such as finger and Domain Name Service. finger displays information about users such as their last login time, whether they've read mail, and other items. These Firewalls can also be used to block DNS information about site systems, thus the names and IP addresses of site systems would not be available to Internet hosts.
4. Providing shield from network misuse, Policy enforcement etc.
A firewall can be very beneficial if it was used as a filter towards all of the internet access to and from the system passes through it. The firewall can log accesses and provide valuable statistics about network usage. In today’s era all of the major firewall are enabled with notification system such as the appropriate alarms that sound when suspicious activity occurs can also provide details on whether the firewall and network are being probed or attacked. It is very beneficial to collect network usage statistics and evidence of probing for a number of reasons. One of the primary importance is knowing whether the firewall is withstanding probes and attacks, and determining whether the controls on the firewall are adequate thus helping in maintaining risk factors.
5. Defending vulnerable services
A firewall can enhance network security and reduce risks to hosts by filtering inherently insecure services. As a result, the subnet gets shield from all of the risks, as only selected protocols will be able to pass through the firewall. For example, a firewall could block any vulnerable services such as NFS from entering or leaving a subnet. This provide the benefit of preventing the services from being exploited by outside attackers, but at the same time permits the use of these services with greatly reduced risk to exploitation. A firewall could reject all source-routed packets and ICMP redirects and then inform administrators of the incidents.