Firewall

Firewall settings are a means of protecting the system from network attacks. Incoming ports that are not needed should be blocked. Even better than that, however, is not to start any services that open these ports. The necessary settings require an overview of the ports used that is coordinated with everyone involved.

A firewall can be used to filter the network packets that are passing through. Depending on the firewall technology, filter rules can be formulated on the basis of address, port, state of communication relationship, content of the packet and much more. Firewalls are thus a tool to reduce the attack surface.

A firewall can be additionally installed software, part of the operating system or a self-contained device. Each of these forms has advantages and disadvantages. For example, unlike an external firewall, a firewall that is part of the operating system allows rules to be configured per program, but it is also easier for malware to modify it or to switch it on or off.

Firewalls with deep packet inspection, which also evaluate the payload of data packets, cannot see the contents of encrypted connections. To be able to process the content anyway (e.g. for web applications), encryption is often terminated at the firewall and the data is re-encrypted for the client. As a result, the contents are visible to the firewall, but end-to-end encryption is interrupted.

Restrictive, explicit settings for communication via a firewall are an important measure to allow network access only to the necessary extent.

The section "Important TCP/UDP ports" contains a list of the TCP/UDP ports that typically need to be considered when configuring a firewall.

TwinCAT/BSD uses the Packet Filter (PF) as a firewall. PF is part of the FreeBSD base system and filters TCP/IP network traffic. In addition, other network-relevant settings such as NAT and port forwarding can be made with it.

By default, the system is delivered pre-configured in a hardened state, and only a few encrypted connections are allowed. For example, ADS port 48898 is blocked ex factory and only ADS Secure is allowed on port 8016. Further ports required by TwinCAT functions and other Beckhoff applications are opened dynamically in the firewall. In addition, SSH, HTTPS and ping are allowed through the firewall.

The command cat /etc/pf.conf outputs the general firewall rules.

The command cat /etc/pf.conf.d/bhf outputs the firewall rules that are relevant for Beckhoff applications.
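To illustrate what the restrictive, explicit PF rules described above look like, the following ruleset is an added example written for this page; it is not the contents of /etc/pf.conf or /etc/pf.conf.d/bhf on a TwinCAT/BSD device. The interface name igb0 is an assumption (constructed for the example) and must be replaced by the real interface name. The rules block everything inbound by default, log blocked packets, and then allow only ping, SSH, HTTPS and ADS Secure on port 8016, so that the plain ADS port 48898 stays closed.

```pf
# Added example ruleset (not the device's own pf.conf).
# ASSUMPTION: the external interface is called igb0; adjust for the real device.
ext_if = "igb0"

# Macros for the services that are allowed in (matches the defaults described above)
admin_tcp  = "{ 22, 443 }"    # SSH and HTTPS
ads_secure = "8016"           # ADS Secure
ads_plain  = "48898"          # plain ADS, intentionally NOT allowed

# Loopback traffic is not filtered
set skip on lo0

# Normalize fragments and suspicious packets before filtering
scrub in all

# Default policy: drop and log every inbound packet that no later rule allows.
# Outbound connections from the device are allowed and tracked statefully.
block in log all
pass out quick keep state

# Explicit, logged block for plain ADS so the decision is visible in pflog
# (it would be dropped by the default policy anyway).
block in log quick on $ext_if proto tcp to ($ext_if) port $ads_plain

# Allow ICMP echo requests so the device answers ping
pass in on $ext_if inet proto icmp icmp-type echoreq

# Allow SSH and HTTPS; stateful TCP with SYN-only initial packets
pass in on $ext_if proto tcp to ($ext_if) port $admin_tcp flags S/SA keep state

# Allow ADS Secure
pass in on $ext_if proto tcp to ($ext_if) port $ads_secure flags S/SA keep state
```

Before activating a ruleset, it can be syntax-checked without loading it using pfctl -nf <file>; the currently loaded rules can be listed with pfctl -sr, and the logged blocks can be viewed with tcpdump -n -e -ttt -i pflog0. Because "block in log all" comes first and PF applies the last matching rule unless a rule carries "quick", every inbound service that is not named in a later pass rule remains unreachable, which is exactly the default-deny posture the page recommends.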