What is a firewall?
A firewall is a type of network security device that keeps an eye on all incoming and outgoing network traffic and uses pre-established security rules to determine whether to allow or prohibit particular types of data.
For more than 20 years, firewalls have served as the first line of defense in network security. They provide a wall between untrusted external networks, like the Internet, from managed and guarded internal networks that are reliable.
A firewall can be virtualized or run on hardware, software, software-as-a-service (SaaS), or public or private clouds.
Different types of firewall
Proxy firewall
A proxy firewall, an early kind of firewall device, acts as the application's gateway from one network to another. Proxy servers block direct connections from outside the network, which allows them to offer extra features like content caching and security. Throughput capacities and the applications they can handle, however, may also be impacted by this.
Stateful inspection firewall
A stateful inspection firewall, now regarded as a "traditional" firewall, permits or prohibits traffic depending on its protocol, state, and port. It keeps an eye on every action from the moment a connection is made until it is broken. Administrator-defined rules and context—which refers to utilizing data from prior connections and packets belonging to the same connection—are the two main factors considered when making filtering judgments.
Unified threat management (UTM) firewall
Typically, a UTM device integrates intrusion prevention, antivirus, and stateful inspection firewall capabilities in a loosely connected manner. Additional services and frequently cloud management could also be part of it. UTMs prioritize use and simplicity.
Next-generation firewall (NGFW)
Firewalls are becoming more sophisticated than only stateful inspection and packet filtering. Next-generation firewalls are being installed by the majority of businesses to stop contemporary threats including application-layer attacks and sophisticated malware.
As per the definition provided by Gartner, Inc., a next-generation firewall ought to comprise:
- Stateful inspection combined with intelligence-based access control
- An integrated method of preventing intrusions (IPS)
- Control and awareness of applications to identify and prevent dangerous apps
- Upgrade routes to incorporate upcoming feeds of information
- Methods for dealing with changing security risks
- geolocation and reputation-based URL filtering
Even though most businesses are starting to require these capabilities, NGFWs are capable of more.
Threat-focused NGFW
These firewalls offer enhanced threat detection and remediation in addition to having all the features of a regular NGFW. An threat-focused NGFW allows you to:
With full context knowledge, you can identify which assets are most vulnerable.
Use intelligent security automation to quickly respond to assaults by dynamically hardening your defenses and establishing policies.
Network and endpoint event correlation allows for more accurate detection of evasive or suspicious conduct.
Retrospective security, which always keeps an eye out for questionable activity and behavior even after the initial inspection, can significantly reduce the time it takes from detection to cleanup.
Streamline management and minimize intricacy by implementing cohesive procedures that safeguard against all forms of attacks.
Virtual firewall
To monitor and secure traffic across physical and virtual networks, a virtual firewall is typically deployed as a virtual appliance in a public cloud (Amazon Web Services or AWS, Microsoft Azure, Google Cloud Platform or GCP, Oracle Cloud Infrastructure or OCI) or private cloud (VMware ESXi, Microsoft Hyper-V, KVM). In software-defined networks, virtual firewalls are frequently essential elements (SDN).
Cloud Native Firewall
The method of securing workload infrastructure and applications at scale is being modernized by cloud native firewalls. Cloud native firewalls allow the networking operations and security operations teams to operate at fast speeds thanks to their automated scaling features.
Cloud-native firewalls' benefits
Flexible and adaptable security
Possibility of many tenants
Astute load distribution
