Simply the name, firewall, conjures up an image of a great wall of fire burning anything that is unauthorized and trying to pass through.

Just as the name suggests, in the digital world, a firewall prevents an unauthorized access to or from a network. A firewall is usually at the perimeter of a private network and the open Internet, it acts as a barrier and allows traffic through based on a set of pre-defined rules:

The preceding image clearly demonstrates the functioning of a firewall. As we can see, the network traffic can either pass through or be rejected by the firewall when found to be contrary to a pre-defined rule. The key factor of interest for us is the fact that every interaction with the firewall leaves a trace. This is reflected in the form of an entry in the firewall logs. Network forensic investigations require us to understand the firewalls and events that produce the entries in the log files. As the Digital 007s, it's our job to "make the firewalls talk...