Types of Firewalls
Firewalls are the first line of defense for networks against malware and attackers. They monitor incoming and outgoing network traffic to detect malicious data packets based on predefined rules, allowing only legitimate traffic into your private network. They are implemented as hardware, software, or both.
The type of firewall you need for your organization depends on the size and complexity of your network. There are two main types: network-based and host-based firewalls.
Next-generation firewalls (NGFWs) combine traditional firewall capabilities with an intrusion prevention system (IPS), application awareness, and deep packet inspection to provide wider and deeper security. They also feature Secure Sockets Layer (SSL) decryption functionality to help identify data breach attempts from encrypted applications.
Packet filtering firewalls inspect packets at a lower level of the TCP/IP protocol stack and don’t allow them to pass through unless they match the established rule set based on source and destination IP addresses and ports. They are often more effective than similar devices that do application layer inspection, but unwanted applications and malware can still get through.
Stateful inspection firewalls examine packets and make decisions based on a state table that stores information about previous interactions with a computer. This gives them greater flexibility and makes them better able to filter out disruptions in the future.
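The difference between the packet filtering and stateful inspection described above shows up when both see the same traffic. The following Python model is an added example, not code from any firewall product; the internal prefix 10.0.0.x, the port-443 rule, the Packet tuple and the sample traffic are constructed assumptions, and connection teardown is simplified to removing the state entry on the first FIN or RST.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport flags")
INSIDE = "10.0.0."  # constructed internal prefix (assumption)

def stateless_allow(p):
    """Packet filter: decides from this packet's addresses and ports only."""
    outbound_web = p.src.startswith(INSIDE) and p.dport == 443
    # Replies need a static rule: anything *from* port 443 to an internal
    # high port is admitted, whether or not an internal host asked for it.
    inbound_reply = p.dst.startswith(INSIDE) and p.sport == 443 and p.dport >= 1024
    return outbound_web or inbound_reply

class StatefulFirewall:
    """Stateful inspection: inbound packets must match a tracked connection."""
    def __init__(self):
        self.state = set()  # state table of (client, cport, server, sport)

    def allow(self, p):
        if p.src.startswith(INSIDE) and p.dport == 443:
            key = (p.src, p.sport, p.dst, p.dport)
            if "SYN" in p.flags:
                self.state.add(key)      # new outbound connection
            allowed = key in self.state
            if "FIN" in p.flags or "RST" in p.flags:
                self.state.discard(key)  # simplified teardown (assumption)
            return allowed
        # Inbound: accept only the mirror image of a recorded connection.
        return (p.dst, p.dport, p.src, p.sport) in self.state

def run(packets):
    fw = StatefulFirewall()
    return [(stateless_allow(p), fw.allow(p)) for p in packets]

# Constructed sample traffic (documentation address ranges).
SAMPLE = [
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "SYN"),      # client opens
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "SYN,ACK"),  # real reply
    Packet("198.51.100.7", 443, "10.0.0.9", 51515, "ACK"),      # unsolicited
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "FIN,ACK"),  # client closes
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "ACK"),      # late packet
]

if __name__ == "__main__":
    for p, (sl, sf) in zip(SAMPLE, run(SAMPLE)):
        print(f"{p.src}:{p.sport} -> {p.dst}:{p.dport} [{p.flags}] "
              f"stateless={sl} stateful={sf}")
```

The packet filter passes all five packets because each one matches a rule on its own; the stateful model drops the unsolicited packet and the one that arrives after the connection was closed.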
Proxy firewalls, also known as application-level firewalls or layer 7 firewalls, use a combination of packet-filtering and stateful inspection to read and filter application protocols such as HTTP, FTP, and DNS. This type of firewall is typically hosted on a proxy server and acts as an intermediary between an external network and internal host computers.