The dynamic rise of the internet has brought the world closer, but at the same time it has left us with various kinds of security threats. To protect the confidentiality and integrity of valuable information on a corporate network from outside threats and attacks, we need a strong mechanism, which is where the firewall comes into the picture.
What is a Firewall?
A firewall is a type of cyber-security tool that is used to filter traffic on a network. Firewalls can be used to segregate network nodes from external traffic sources, internal traffic sources, or even specific applications. Firewalls can be software, hardware, or cloud-based, with each type of firewall having its own unique advantages and disadvantages.
The primary goal of a firewall is to block malicious traffic requests and data packets while allowing legitimate traffic through.
It can be compared to a security guard standing at the entrance of a president’s home. The guard keeps an eye on everyone and physically checks every person who wishes to enter the house. The guard won’t allow a person to enter if they are carrying a harmful object like a knife or a gun. Likewise, even if the person doesn’t possess any banned object but appears suspicious, the guard can still prevent that person’s entry.
Top 5 types of firewalls
Firewall types can be segregated into several different categories based on their general structure and method of operation. Here are the top 5 types of firewalls:
- Packet filtering firewall
- Circuit-level gateway
- Stateful inspection firewall
- Application-level gateway (aka proxy firewall)
- Next-generation firewall (NGFW)
Packet-Filtering Firewalls
Packet-filtering firewalls are the oldest type of firewall architecture. They create a checkpoint at a traffic router or switch. The firewall performs a simple check of the data packets coming through the router, inspecting information such as the destination IP address, packet type, and port number without opening up the packet to inspect its contents.
The good thing about these firewalls is that they don’t require exclusive access to large amounts of data. This means they don’t have a huge impact on system performance and are relatively simple. However, they are also relatively easy to bypass compared to firewalls with more robust inspection capabilities.
Circuit-Level Gateways
Circuit-level gateways are another simple firewall type, meant to quickly and easily approve or deny traffic without consuming significant computing resources. They work by verifying the transmission control protocol (TCP) handshake, a check designed to make sure that the session the packet is from is legitimate.
While exceedingly resource-efficient, these firewalls do not check the packet itself. So, if a packet held malware but had the right TCP handshake, it would pass right through. That’s why circuit-level gateways are not enough to protect your business by themselves.
Stateful Inspection Firewalls
Stateful inspection firewalls combine packet inspection technology and TCP handshake verification to create a greater level of protection than either of the previous two architectures could provide alone.
However, these firewalls do put more strain on computing resources, which may slow down the transfer of legitimate packets compared to the other solutions.
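The difference between a packet filter's header-only check and the handshake tracking that stateful inspection adds, as an added example that is not part of the original article. The rule set, addresses and state names are constructed for illustration, and the model is simplified to one allowed server and exact flag matches:

```python
from collections import namedtuple

# One TCP segment's header fields; flags: "S"=SYN, "SA"=SYN-ACK, "A"=ACK, "PA"=data
Packet = namedtuple("Packet", "src sport dst dport flags")
ALLOWED = {("10.0.0.5", 443)}  # constructed rule: one published HTTPS server

# Legal handshake steps: (current state, heading to server?, flags) -> next state
HANDSHAKE = {
    (None, True, "S"): "SYN_SEEN",
    ("SYN_SEEN", False, "SA"): "SYNACK_SEEN",
    ("SYNACK_SEEN", True, "A"): "ESTABLISHED",
}

def packet_filter(pkt):
    """Stateless: match header fields against the rule, nothing else."""
    return (pkt.dst, pkt.dport) in ALLOWED or (pkt.src, pkt.sport) in ALLOWED

class StatefulFirewall:
    """Same header rule, plus per-connection TCP handshake tracking."""
    def __init__(self):
        self.state = {}  # (client, cport, server, sport) -> handshake state

    def inspect(self, pkt):
        if not packet_filter(pkt):
            return False
        to_server = (pkt.dst, pkt.dport) in ALLOWED
        key = ((pkt.src, pkt.sport, pkt.dst, pkt.dport) if to_server
               else (pkt.dst, pkt.dport, pkt.src, pkt.sport))
        cur = self.state.get(key)
        if cur == "ESTABLISHED":
            if "F" in pkt.flags or "R" in pkt.flags:
                del self.state[key]  # session torn down, forget it
            return True
        nxt = HANDSHAKE.get((cur, to_server, pkt.flags))
        if nxt is None:
            return False  # not part of a valid handshake or known session
        self.state[key] = nxt
        return True

def verdicts(packets):
    """Return (packet_filter, stateful) allow decisions for each packet in order."""
    fw = StatefulFirewall()
    return [(packet_filter(p), fw.inspect(p)) for p in packets]

# Constructed traffic, using documentation address ranges for the clients
C, S = ("198.51.100.7", 40000), ("10.0.0.5", 443)
SESSION = [Packet(*C, *S, "S"), Packet(*S, *C, "SA"),
           Packet(*C, *S, "A"), Packet(*C, *S, "PA")]
STRAY_ACK = Packet("203.0.113.9", 51000, *S, "A")  # no handshake came first
```

Calling `verdicts(SESSION + [STRAY_ACK])` shows the stray ACK passing the packet filter, because its address and port match the rule, while the stateful firewall drops it for not belonging to any tracked session.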
Proxy Firewalls (Application-Level Gateways/Cloud Firewalls)
Proxy firewalls operate at the application layer to filter incoming traffic between your network and the traffic source—hence, the name “application-level gateway.” These firewalls are delivered via a cloud-based solution or another proxy device. Instead of letting traffic connect directly, the proxy firewall first establishes a connection to the source of the traffic and inspects the incoming data packet.
This security check is similar to the stateful inspection firewall in that it looks at both the packet and at the TCP handshake protocol. Likewise, proxy firewalls may also perform deep-layer packet inspections, checking the actual contents of the information packet to verify that it contains no malware.
Once the security check is complete, and the packet is approved to connect to the destination, the proxy sends it off. This creates an extra layer of separation between the client and the individual devices on your network, obscuring them to create additional anonymity and protection for your network.
If there’s one drawback to proxy firewalls, it’s that they can create a significant slowdown because of the extra steps in the data packet transferal process.
Next-Generation Firewalls
Most recently released firewall products are being touted as “next-generation” architectures. However, there is not much consensus on what makes a firewall truly next-gen.
A few common features of next-generation firewall architectures include deep-packet inspection (checking the actual contents of the data packet), TCP handshake checks, and surface-level packet inspection. Next-generation firewalls may incorporate other technologies as well, such as intrusion prevention systems (IPSs) that work to automatically stop attacks against your network.
Choosing the ideal firewall begins with understanding the architecture and functions of the private network being protected but also calls for understanding the different types of firewalls and firewall policies that are most effective for the organization.
Whichever type of firewall you choose, keep in mind that a misconfigured firewall can, in some ways, be worse than no firewall at all, because it lends a dangerous impression of security while providing little or none.