Although the term "firewall" is used by vendors in many different ways, firewalls are fundamentally an access control measure for networks. That is, they limit what people logged onto one network can do on another network that is connected to the first. Firewalls are commonly used to keep Internet users (especially Web site visitors) away from an organization's internal networks. "If you connect to the Internet, you have to install a firewall, there's no option," says Michael Zboray, vice president of network security at Gartner Group, a Stamford, Conn.-based information technology advisory firm.

Increasingly, firewalls are also being deployed to shield internal computer networks from each other.

The firewall itself is usually a combination of hardware and software that presents a single point through which all traffic between two networks must pass. Only authorized traffic, as determined by what is being attempted and by whom, is allowed to pass.

There are two approaches to firewall architecture, application gateways and packet filtering. A gateway intercepts all traffic between two networks and decides what should and shouldn't pass. (Secure gateways called proxy servers act as dummy fronts to an internal network, shielding its complexity and structure from the outside.) A packet-filtering gateway acts as a router, either blocking or forwarding messages and requests for information based on their source addresses and other limitations. The two methods are usually implemented together.

Some companies sell firewalls already installed on a computer platform; others sell only the software, leaving you to install it on your own platform.

Encryption programs, anti-virus software and other programs are sometimes pre-installed on firewalls because of their convenient location between networks. Firewall vendors include Trusted Information Systems Inc., Raptor Systems Inc., Telos Corp., V-One Corp., CyberGuard Corp. and Secure Computing Corp. Some new products are selling for as little as $3,000; typical firewall costs range as high as $25,000 to $30,000.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec