What Is a Firewall?
A firewall is a network security device that monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of security rules. Firewalls are a key part of any organization’s cybersecurity strategy, helping to protect networks and their users from security breaches.
Firewall technology has been developed and expanded over time, with each version incorporating different filters that were designed to surpass previous generations. The four main components of firewall architecture are network policy, advanced authentication, packet filtering and application gateways.
Network Policy: A network policy firewall, also known as a stateful inspection firewall, uses a table of existing connections to determine what packets can enter or exit the network. It can then filter out unwanted traffic based on its “learned” history.
Stateful Inspection: A stateful inspection firewall is a type of static packet filtering firewall that operates at the OSI network layer (layer 3). It compares information in each packet to the state table, which is a list of established connections and determines whether a new connection is part of one of them.
Circuit level: A circuit-level firewall, or a session firewall, works at the TCP/IP stack’s session layer, or session initiation protocol (SIP) layer. It monitors TCP handshakes and other SIP session initiation messages as they’re passed across a network to identify malicious content.
Updates: Software updates are released regularly by firewall vendors to address potential security threats. These patches introduce minor changes to the existing firewall software and ensure that it can deal with emerging threats.