Nations without controlled borders cannot ensure the security and safety of their citizens, nor can they prevent piracy and theft. Networks without controlled access cannot ensure the security or privacy of stored data, nor can they keep network resources from being exploited by hackers. The communication efficiency provided by the Internet has caused a rush to attach private networks directly to it. Direct Internet connections make it easy for hackers to exploit private network resources. Prior to the Internet, the only widely available way for a hacker to connect from home to a private network was by direct dialing with modems and the public telephony network. Remote access security was a relatively small issue.
When you connect your private network to the Internet, you are actually connecting your network directly to every other network that's attached to the Internet directly. There's no inherent central point of security control; in fact, there's no inherent security at all. Firewalls are used to create security checkpoints at the boundaries of private networks. At these checkpoints, firewalls inspect all packets passing between the private network and the Internet and determine whether to pass or drop the packets depending on how they match the policy rules programmed into the firewall. If your firewall is properly configured, is capable of inspecting every protocol you allow to pass, and contains no serious exploitable bugs, your network will be as free from risk as possible.
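The pass-or-drop decision described above, as an added example that is not part of the original article: a minimal stateless rule evaluator in which the first matching rule wins and a packet matching no rule is dropped. The names `Packet`, `Rule` and `decide`, the addresses and the policy are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str    # source IP address
    dst: str    # destination IP address
    proto: str  # "tcp" or "udp"
    dport: int  # destination port

@dataclass(frozen=True)
class Rule:
    action: str                  # "pass" or "drop"
    src: str                     # source network in CIDR form
    dst: str                     # destination network in CIDR form
    proto: Optional[str] = None  # None matches any protocol
    dport: Optional[int] = None  # None matches any port

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.proto in (None, p.proto)
                and self.dport in (None, p.dport))

def decide(rules, packet):
    """Return (action, rule_index). First match wins; no match means drop."""
    for index, rule in enumerate(rules):
        if rule.matches(packet):
            return rule.action, index
    return "drop", None  # default deny: anything not explicitly allowed is dropped

# Constructed policy: an RFC 1918 private network and one published web
# server (documentation address range). Stateless simplification: reply
# traffic is not tracked, which a stateful firewall would handle.
PRIVATE = "192.168.10.0/24"
ANY = "0.0.0.0/0"
POLICY = [
    Rule("pass", ANY, "203.0.113.10/32", "tcp", 443),  # inbound HTTPS to the web server
    Rule("drop", ANY, PRIVATE),                        # nothing else reaches the private net
    Rule("pass", PRIVATE, ANY, "tcp", 443),            # outbound HTTPS
    Rule("pass", PRIVATE, ANY, "udp", 53),             # outbound DNS
]

if __name__ == "__main__":
    for pkt in (Packet("198.51.100.7", "203.0.113.10", "tcp", 443),
                Packet("198.51.100.7", "192.168.10.5", "tcp", 22),
                Packet("192.168.10.5", "198.51.100.7", "tcp", 25)):
        print(pkt, "->", decide(POLICY, pkt))
```

The third sample packet matches no rule at all, so it is dropped by the fallback rather than by an explicit rule; that default is what keeps a forgotten protocol from passing unnoticed.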
The link for this article located at Linux Exposed is no longer available.