Firewalls and antivirus software

Firewalls

  • Act as a security guard between internal and external networks, monitoring all incoming and outgoing traffic.

  • Firewalls use a set of defined rules to allow or block traffic.

  • Can be hardware-based or software-based. Hardware firewalls protect the whole network, while software firewalls protect individual devices.

  • Firewalls use packet filtering to examine packets of data transferred across the internet.

  • Some firewalls include intrusion detection systems (IDS) to monitor network traffic and alert the system or network administrator to suspicious activity.

  • Limitations of firewalls:

    • Cannot protect against attacks that bypass them (e.g. physical or internal attacks).
    • Not designed to protect against malicious software embedded in an authorized user’s files.

Antivirus Software

  • Antivirus software is a type of program designed to prevent, detect, and remove software viruses and other malicious software.

  • Antivirus software detects and removes viruses by scanning files or directories and comparing the data to a database of virus signatures.

  • Most modern antivirus software employs heuristic-based detection, allowing it to detect viruses not yet in its signature database.

  • The auto-update function is crucial in keeping the software effective, as new viruses are created and spread every day.

  • Limitations of antivirus software:

    • Cannot protect against a virus not already in its database.
    • Can potentially slow down the system it is protecting.
    • False positives: incorrectly identifying a safe file as a virus.
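
The signature lookup, heuristic detection and false-positive points above can be seen together in a small scanner. This is an added example, not part of the original notes; the sample files are constructed harmless text, and the whole-file SHA-256 signatures, trait names, weights and threshold are assumptions made for illustration.

```python
import hashlib

# Constructed stand-in for a known-bad file: harmless text, not real malware.
KNOWN_BAD = b"DEMO-VIRUS-v1: copy_self_to_startup; disable_updates; encrypt_documents"

# Signature database (assumption: whole-file SHA-256 digests; real engines
# also match byte patterns inside files).
SIGNATURES = {hashlib.sha256(KNOWN_BAD).hexdigest(): "Demo.Virus.A"}

# Hypothetical heuristic traits and weights, standing in for suspicious behaviours.
TRAITS = {
    b"copy_self_to_startup": 40,
    b"disable_updates": 35,
    b"encrypt_documents": 40,
}
THRESHOLD = 70  # hypothetical cut-off for flagging a file


def signature_scan(data):
    """Return the virus name if the file's digest is in the database, else None."""
    return SIGNATURES.get(hashlib.sha256(data).hexdigest())


def heuristic_score(data):
    """Add up the weights of every suspicious trait found in the file."""
    return sum(weight for trait, weight in TRAITS.items() if trait in data)


def scan(data):
    """Signature check first; fall back to heuristics for unknown files."""
    name = signature_scan(data)
    if name:
        return ("infected", name)
    score = heuristic_score(data)
    verdict = "suspicious" if score >= THRESHOLD else "clean"
    return (verdict, f"heuristic score {score}")


# Constructed sample files.
SAMPLES = {
    "known virus": KNOWN_BAD,
    "new variant": KNOWN_BAD.replace(b"v1", b"v2"),  # one byte changed
    "backup tool": b"backup: encrypt_documents then upload; copy_self_to_startup for schedule",
    "plain note": b"meeting notes for Tuesday",
}

if __name__ == "__main__":
    for label, data in SAMPLES.items():
        print(f"{label:12} -> {scan(data)}")
```

The new variant misses the signature database because a single changed byte gives a different digest, so only the heuristic catches it. The backup tool is a safe file that shares enough traits to be flagged, which is a false positive.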

Importance of Firewalls and Antivirus Software

  • They form the first line of defence in network security.

  • Help to protect sensitive data and prevent unauthorized access to networks and systems.

  • Minimise the risk of damage caused by malicious software such as viruses, worms, and Trojans.

  • Contribute to complying with legislation, policies and procedures concerning data protection and IT security.

  • Mitigate potential financial loss due to attacks and breaches.

  • Maintain trust with customers and stakeholders by demonstrating commitment to security.