Distributed Firewall: What is it?




A distributed firewall protects individual systems from unauthorized access and malware by distributing software to each computer on a network, which communicates with a central control system for access approval. It differs from a traditional firewall that protects the entire network. Using both perimeter and distributed firewalls provides optimal security.

A distributed firewall is a software system used to protect networked computers from unauthorized access and the potential installation of malicious software. It is somewhat similar to a traditional or perimeter firewall, but rather than relying on network topology to establish access and trust, it provides protection to individual systems. A distributed firewall essentially works through software that is “distributed” to each computer on a network, which then communicates with a central control system. Approval for access by users or to different network ports is then issued on an individual basis to each computer and user, rather than to the network as a whole.

The idea behind a distributed firewall is that a system has protection on every client or computer on a network. A traditional firewall system, sometimes called a perimeter firewall, works by providing protection for an entire network at the router or modem level. For example, if you have five computers on a network, all connected to a router that gives them access to the Internet, it is likely that the router has the primary firewall for that network.

Everything inside the router’s “wall,” the five computers, is considered safe and reliable. Those computers or systems outside this “wall” are considered unsafe and not inherently trustworthy. This reliance on where a system sits is called topology, as it creates an “in” and an “out” that are safe and unsafe zones.

In contrast, a distributed firewall works on an individual level without establishing any type of topology for the network. Every computer has software that works like a firewall, which has been “distributed” across the network rather than isolated to a single system. A central controller for this distributed firewall is then established on a terminal, typically the one used for system administration.

Authorizations for access controls and port connections then pass through each individual computer, which receives a request from the control system. A distributed firewall uses a system of “policies” that identify the users and ports to which a system can be connected. These policies are maintained on the administrator’s computer and sent to other systems to indicate which files or ports on a network are safe or trusted. This provides each computer on a network with individual protection from an attack, even one that comes from within the network, behind the perimeter firewall.
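The model described above can be sketched as follows. This is an added example, not code from any firewall product: the `Controller`, `HostAgent` and `Rule` names, the host names, users and the 10.0.0.0/24 subnet are all hypothetical, constructed for illustration. It contrasts a topology-based perimeter decision with a per-host policy decision for the same internal request.

```python
import ipaddress
from dataclasses import dataclass, field

INSIDE = ipaddress.ip_network("10.0.0.0/24")  # constructed internal subnet

def perimeter_allows(src_ip: str) -> bool:
    """Topology-based trust: anything inside the wall is accepted."""
    return ipaddress.ip_address(src_ip) in INSIDE

@dataclass(frozen=True)
class Rule:
    user: str
    port: int

@dataclass
class Controller:
    """Central control system on the administrator's machine (hypothetical)."""
    policies: dict = field(default_factory=dict)  # host name -> set of Rule

    def policy_for(self, host: str) -> frozenset:
        return frozenset(self.policies.get(host, ()))

@dataclass
class HostAgent:
    """Firewall software distributed to one computer (hypothetical)."""
    name: str
    rules: frozenset = frozenset()

    def sync(self, controller: Controller) -> None:
        # Pull this host's policy from the central controller.
        self.rules = controller.policy_for(self.name)

    def allows(self, user: str, port: int) -> bool:
        # Default deny; the source's network location is never consulted.
        return Rule(user, port) in self.rules

def build_demo() -> dict:
    ctl = Controller({
        "db01": {Rule("dba", 5432)},
        "web01": {Rule("deploy", 22)},
    })
    agents = {name: HostAgent(name) for name in ("db01", "web01")}
    for agent in agents.values():
        agent.sync(ctl)
    return agents

if __name__ == "__main__":
    agents = build_demo()
    # Constructed request: user "intern" on internal host 10.0.0.23 -> db01:5432
    print("perimeter allows:", perimeter_allows("10.0.0.23"))
    print("db01 agent allows intern:", agents["db01"].allows("intern", 5432))
    print("db01 agent allows dba:", agents["db01"].allows("dba", 5432))
```

The perimeter check accepts the request because of where it comes from, while the agent on `db01` rejects it because no policy names that user and port.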

Networks should typically use both a perimeter and a distributed firewall to ensure optimal security. The perimeter firewall allows for more widespread control over a system and deflects a wide range of potential attacks. Using a distributed firewall, however, offers additional security and allows for protection against more precise and targeted attacks.



