Firewalls and antivirus software
Firewalls and antivirus software
Firewalls
-
Act as a security guard between internal and external networks, monitoring all incoming and outgoing traffic.
-
Firewalls use a set of defined rules to allow or block traffic.
-
Can be hardware or software-based. Hardware firewalls protect the whole network while software ones protect individual devices.
-
Firewalls use packet filtering to examine packets of data transferred across the internet.
-
Some firewalls includes intrusion detection systems (IDS) to monitor network traffic and alert the system or network administrator of suspicious activities.
-
Limitations of firewalls:
- Cannot protect against attacks that bypass them (e.g. physical or internal attacks).
- Not designed to protect against malicious software embedded in an authorized user’s files.
Antivirus Software
-
Antivirus software is a type of programme designed to prevent, detect, and remove software viruses, and other malicious software.
-
Antivirus software detects and removes viruses by scanning files or directories and comparing the data to a database of virus signatures.
-
Most modern antivirus software employs heuristic-based detection, allowing it to detect viruses not yet in its signature database.
-
Auto-update function is crucial in keeping the software effective, as new viruses are created and spread every day.
-
Limitations of antivirus software:
- Cannot protect against a virus not already in its database.
- Can potentially slow down the system they are protecting.
- False positive issues - incorrectly identifying a safe file as a virus.
Importance of Firewalls and Antivirus Software
-
They form the first line of defence in network security.
-
Help to protect sensitive data and prevent unauthorized access to networks and systems.
-
Minimise the risk of damage caused by malicious software such as viruses, worms, and Trojans.
-
Contribute to complying with legislation policies and procedures concerning data protection and IT security.
-
Mitigate potential financial loss due to attacks and breaches.
-
Maintaining trust with customers and stakeholders by demonstrating commitment to security.