IT Central Station is now PeerSpot: Here's why

Firewalls

Netanya Carmi - PeerSpot reviewer
Content Manager at PeerSpot (formerly IT Central Station)
262

Firewall security, which provides the first barrier against malicious traffic, is essential for securing an organization’s network. Although it is a widely used tool, choosing the right solution for your organization’s needs can be tricky.

Firewall

In this post, we’ll walk you through how firewalls work, the different types of firewalls, top brands to consider, and the benefits of firewalls.

What Is a Firewall in Networking?

A firewall is a cybersecurity tool that filters traffic on a network. It acts as a barrier between a private network and the public internet. The goal of a firewall is to allow legitimate traffic through while rejecting suspicious requests and packets. This firewall definition sounds simple, but how do firewalls work?

How do Firewalls Work?

Firewalls inspect incoming packets, blocking malicious traffic requests and data packets. Some solutions also perform deep-layer packet inspections.

Next-generation firewalls usually combine malware and application-layer attack blocking capabilities with integrated intrusion prevention systems (IPS).

Why Is Firewall Security Important?

Firewalls are key to network security because they provide the first barrier against malicious attacks. By working with firewall security rules, advanced firewalls can set policies and carry out assessments to detect and stop malicious activity.

By leveraging a firewall, you can level up the first layer of protection with a filter against malware, application-layer attacks, and other advanced threats.

Firewall Types

Firewalls differ based on their structure and form of operation. There are five major types of firewalls:

1. Circuit-level gateways

    These are very simple firewalls, which approve or reject traffic by verifying the transmission control protocol (TCP). The firewall checks the TCP handshake - a process in which both client and server exchange synchronized acknowledgment packets - to verify the packet origin is legitimate. If the handshake is correct, the packet can pass.

    Pros: This system is simple and resource-efficient.

    Cons: The firewall doesn’t check the packet itself. Therefore, it is possible for a malware packet to have the right TCP handshake and pass through the firewall.

    2. Packet-filtering firewalls

    This is the most common type of firewall architecture. It involves creating a filter or checkpoint at a traffic router. The firewall checks the incoming packets according to set rules. Some factors the firewall inspect include:

      • Origin/destination IP address
      • Packet type
      • Port number

      If the packet information doesn’t match the rules, the firewall drops it, preventing the packet from going further in the network.

      Pros: These firewalls don’t require a lot of resources and are relatively simple.

      Cons: Their inspection capabilities are fairly basic. Therefore, a sophisticated attacker can bypass them easily.

      3. Stateful inspection firewalls

      These firewalls inspect the state of the network connections, tracking single sessions of network connections. Some factors stateful firewalls check include:

        • TCP streams
        • Datagrams
        • ICMP messages
        • TCP handshakes
        • Packets

        A stateful firewall will conduct dynamic packet filtering to decide which network packets can pass through the firewall.

        Pros: Provides an extra layer of protection by combining packet inspection and TCP handshake verification.

        Cons: Resource-intensive and may slow down the transfer of legitimate packets.

        4. Proxy firewalls (application-level gateways)

          These firewalls work as network security systems that filter incoming traffic at the application level. They sit between the network and the traffic source as a gateway, connecting to the source of the traffic and checking the incoming packet. Some factors proxy firewalls inspect include:

          • TCP handshakes
          • Packets
          • Checking the contents of the information packet (deep-layer inspection)

          Pros: Positions itself between the origin of the traffic and individual devices in the network, which creates an additional layer of protection.

          Cons: Consumes large amounts of resources and can significantly slow down the data packet transfer process.

          5. Next-generation firewalls (NGFW)

            These new firewalls usually combine the features of the previous types. While there is not a clear definition of what makes a firewall next-gen, here are some common features:

            • Deep-layer packet inspection
            • TCP handshake checks
            • Surface-level packet inspection

            Many next-gen firewall solutions may include other protection technologies, such as intrusion prevention systems (IPS).

            Pros: Combines the features of traditional firewalls, such as deep packet inspection with an application-level inspection.

            Cons: Each next-gen offering is different, so check the individual features of the product before committing.

            Firewall Software vs Hardware

            Companies can choose different methods to deliver firewall functionality. Traditionally, an organization will install a firewall device deployed as a physical appliance. However, there are also software firewalls that are commonly built-in operating systems.

            Hardware Firewalls

            This type of firewall sits on a physical device that works similarly to a traffic router. The device filters traffic requests before they connect to the network server.

            Pros: Great for perimeter security because it intercepts all incoming traffic before it reaches the endpoints.

            Cons: Vulnerable to insider attacks.

            Software Firewalls

            Software firewalls are installed on a local device, or cloud server, instead of in a piece of hardware. You can find them built into your Windows or Mac operating system. Many next-gen firewalls are in this category.

            Pros: Great for creating defense in depth. Software firewalls can separate network endpoints. They are more scalable since you don’t need to add an extra physical device when you add more endpoints to your network.

            Cons: If the software is installed on-premises, it may involve maintaining multiple firewalls on different devices.

            Cloud Firewalls (Firewall-as-a-Service)

            Firewall-as-a-Service involves delivering next-generation firewall capabilities in a cloud-native solution. This type of firewall may include advanced features such as:

            • Access control
            • Intrusion prevention systems
            • Advanced threat prevention

            Pros: Very easy to scale since you only need to add more capacity to the cloud server. Cloud firewalls also offer the high availability (HA) configuration typically offered by the cloud provider. (Regularly >99.99%).

            Cons: Cloud-based firewalls are usually generic, which makes them weaker against software-specific vulnerabilities

            5 Best Firewall Software Brands

            While choosing the best firewall solution for you will depend on your company’s needs, here is our roundup of the top five firewall brands:

            1. Fortinet FortiGate
            2. pfSense
            3. Cisco ASA Firewall
            4. Check Point NGFW
            5. Cisco Firepower NGFW

            The Future of Firewalls

            Far from being outdated, firewalls are an essential component of an organization’s network security. With attacks becoming more sophisticated and more frequent, implementing a next-generation firewall can help provide a comprehensive solution to stop multiple attacks.

            By combining traditional packet inspection with advanced threat protection, firewalls are adapting to the cybersecurity landscape and proving that they are here to stay.

            Do you have any additional inputs? Please comment below!

            Related Categories: Firewalls

            PeerSpot user
            Guest
            0 Comments
            Buyer's Guide
            Firewalls
            May 2022
            Find out what your peers are saying about Fortinet, Check Point, Netgate and others in Firewalls. Updated: May 2022.
            598,634 professionals have used our research since 2012.