Firewall VS Antivirus
A firewall can be defined as a standard approach that protects local computer assets from external threats. A firewall is designed to filter out the IP packets that are coming from the network to the computer. A firewall is also an effective way to protect the local system as well as against the network, and simultaneously you can access the internet or a wide area network.
Characteristics of a firewall
The firewall ensures that all the traffic coming from outside to inside or vice versa should transfer through it.
Authorized traffics is permitted to transfer through the firewall (as described in the security policy).
It uses a trusted system with a secure operating system which makes it robust against penetration.
Types of firewall
Packet filters – Packet filters are also called to as screening router and screening filters. Packet filter passes (forward or discard) the packet after applying some set of rules and decides based on the outcome. Although the security of the packet filters can be breached through IP spoofing, source routing attacks, and tiny fragment attacks. The advanced type of packet filters is a dynamic packet filter and stateful packet filter.
Proxy Server – It is also referred to as the Proxy server. After all, it behaves as a proxy or replacement and decides about the flow of the application-level traffic and hides the source IP from the outside world.
Circuit gateway – It is similar to application gateway but has some additional functionality such as creating a new connection between itself and a remote host. It is also capable of changing the source IP address in the packets from the end user’s IP. This is how it hides the original IP address of the source.
Internal exploits cannot be blocked by the firewall and also that is not bypassing through it.
It can not protect against malicious attacks.
Definition of Antivirus
An antivirus is a software which caters security against malicious programs coming from the internet. However, it is extremely hard or next to impossible to prevent them altogether from the world connected to the internet.
Each antivirus software follows an approach in which it performs detection, identification, and removal.
Malware Detection– In detection, the software is aware of the malware attack and locates the infected file or program.
Malware Identification– After detection, it then, recognize the type of the virus.
Removal– At last antivirus takes action for removing the infected file and all the traces of it, restore the original backup file/program.
Antivirus only supports the Common interface file system protocol, not the NFS file protocol.
it’s not appropriate to deliver the antivirus protection to the files that are being read concurrently while being written.
It is not possible to perform antivirus checking to the read-only files.