What are some of the negatives if a firewall is configured too harshly?

The following is a response I gave to the question “Two days off and I slept most of that time. I used to think this was no way to live and I would never do that. I still think the same thing about it is no way to live. But I understand now sometimes you must do things you really don’t want to to get to where you want to be.

Well, I guess to understand this concept you need a decent understanding of how firewalls work and what they do. At the base level, firewalls block information. But how do they do that?

Well, there are different types of firewalls: you have a Web Application Firewall (WAF), a Next-Generation Firewall (NGFW), and your most common packet-filtering firewall. You can break these down further into, I think, five categories.

But I digress, as that is much more information than you need to understand for this course. In this course, when they say firewall they are referring to a packet-filtering firewall, if I am not mistaken. This is a very basic firewall. You say, “hey, block this port, or block this type of information on this port, i.e. UDP or TCP”. This firewall works in two directions: in and out.

So I can block all information on a port coming in or going out. Let’s use the common ports 22, Secure Shell (SSH), and 3389, Remote Desktop Protocol (RDP), for this example. We would like to be able to connect over SSH or RDP to the company from anywhere. This will need to be secured with multi-factor authentication (MFA) and a good pass-key, or single sign-on (SSO) using Active Directory (AD), depending on the operating system (OS).

 

To allow this to happen, ports 22 and 3389 must be open on the inbound lane of the firewall. If they are not, the firewall will drop all traffic on these ports to protect the network. Further, if we wanted to SSH from the network to the outside, say to a client’s workstation, we would need the outbound lane opened. If it was not open, the same thing would happen: the firewall would drop the outbound connections to protect the network.

So if you take this concept, you can see how firewall rules that are too strict could cause problems for a company. A few examples are as follows.

Ports 80 and 443 blocked in both directions = no web traffic at all. No connections to the internet.

Port 22 blocked in both directions = no SSH in either direction at all. So no one can SSH into the network, or out of it to the client’s workstations.

Port 3389 blocked coming in but not going out = we cannot connect into the network to Windows computers. But we can connect out of the network to the client’s workstations.

 

In these cases, we limit our access inside or outside of the network, therefore limiting the amount of work we can do. If we cannot do our jobs, that would be the most negative thing. In short, if we have a firewall too “harshly” configured, people will be coming to us all the time because they cannot access what they need.
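The three blocked-port cases above, modelled as an added example that is not part of the original post: a minimal first-match packet filter that reports which required connections a ruleset drops. The rule format, flow names and both rulesets are constructed for illustration, and matching is simplified to the direction, protocol and destination port of a new connection.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    direction: str  # "in" or "out", relative to the company network
    proto: str      # "tcp" or "udp"
    port: int       # destination port of the new connection
    action: str     # "allow" or "drop"

@dataclass(frozen=True)
class Flow:
    name: str
    direction: str
    proto: str
    port: int

def decide(rules, flow, default="drop"):
    """First matching rule wins; unmatched traffic gets the default policy."""
    for r in rules:
        if (r.direction, r.proto, r.port) == (flow.direction, flow.proto, flow.port):
            return r.action
    return default

def broken_flows(rules, required, default="drop"):
    """Names of required business connections the ruleset would drop."""
    return [f.name for f in required if decide(rules, f, default) == "drop"]

# Constructed list of connections the business needs.
REQUIRED = [
    Flow("web out (HTTP)", "out", "tcp", 80),
    Flow("web out (HTTPS)", "out", "tcp", 443),
    Flow("SSH in", "in", "tcp", 22),
    Flow("SSH out to client", "out", "tcp", 22),
    Flow("RDP in", "in", "tcp", 3389),
    Flow("RDP out to client", "out", "tcp", 3389),
]

# Constructed "too harsh" ruleset combining the three cases from the post.
TOO_STRICT = [Rule(d, "tcp", p, "drop") for p in (80, 443, 22) for d in ("in", "out")]
TOO_STRICT += [Rule("in", "tcp", 3389, "drop"), Rule("out", "tcp", 3389, "allow")]

# Constructed corrected ruleset: allow only what is required, drop the rest.
BALANCED = [Rule(f.direction, f.proto, f.port, "allow") for f in REQUIRED]

if __name__ == "__main__":
    print("too strict breaks:", broken_flows(TOO_STRICT, REQUIRED))
    print("balanced breaks:  ", broken_flows(BALANCED, REQUIRED))
    print("telnet in:", decide(BALANCED, Flow("telnet in", "in", "tcp", 23)))
```

The corrected ruleset keeps the default of dropping anything not explicitly required, so loosening a harsh configuration does not mean opening every port.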
