The humble firewall has saved many a network. And yet the premise as to how it works is actually very simple: let the good stuff in, block the bad stuff. Shown below, at the most basic level, is a firewall at work. Hint: It acts as a wall, as the name suggests.
A firewall can be either a piece of hardware or software, and its gatekeeping can be likened to a 24/7 shield for your private network. It can also be likened to a “super” security guard—one who knows thousands, if not millions, of criminals, and uses this encyclopaedic knowledge to determine who can and cannot enter.
Aside from hardware and software sub-classes, firewalls can also be any one of the following sub-types:
• Packet-filtering firewall. This type of firewall is the most basic of all, and it works by blocking network traffic IP protocol, IP addresses and port numbers. It is ideal for smaller networks, though its simplicity means it is also limited. Its biggest limitation is that it cannot block web-based attacks since it allows all web traffic.
• Proxy service firewall. This type of firewall filters messages at the application layer, essentially acting as the middleman between the internal network and the servers on the web. A proxy service firewall, otherwise known as a “gateway firewall,” uses more technologies than a packet-filtering firewall and is, therefore, more secure.
• Stateful multi-layer inspection firewall. This type of firewall has standard firewall capabilities, along with the capability to keep track of previously established connections. It filters traffic based not only on protocol, state, and port but also on administrator-defined context that uses data from both previous connections and packets from the same connections.
• Unified threat management firewall. This firewall is basically a stateful multi-layer inspection firewall but upgraded with an antivirus, intrusion prevention and other additional services.
• Network address translation firewall. This type of firewall accepts solicited inbound traffic only and blocks unsolicited communications.
• Virtual firewall. This firewall is an appliance used in cloud-based systems. It assesses and manages internet traffic over physical and virtual networks.</p
• Next-Generation firewall. This type of firewall is the latest iteration of the firewall, and it is more modern and more sophisticated than the others.
Despite being considered the first line of defence, firewalls are nonetheless a critical part of what is supposed to be a larger, more expansive cybersecurity structure. It is crucial because it can protect an organisation’s network from a variety of cyber threats, notably the following: