Types of Firewalls
Firewalls establish a barrier between your secured internal network and untrusted outside networks (such as the Internet). They screen data packets based on pre-established security rules. They then either accept, reject or drop traffic based on those rules. These firewalls can be software or hardware devices or cloud-based solutions.
The first and most common type of firewall is the packet filtering firewall. This firewall inspects small amounts of incoming and outgoing data and assesses the packet’s source, destination, content, application protocols and more. This type of firewall is good for blocking simple malicious traffic and unsolicited communications, such as spam.
Packet filtering firewalls are often combined with other cybersecurity technologies into unified threat management (UTM) programs. Using the combined power of multiple types of firewalls can help you protect against more sophisticated and evolving cyberattacks.
Stateful inspection firewalls are another popular option. These firewalls keep a list of existing connections and compare new packets to that list to determine whether they are part of an established connection. If the new packet matches an existing connection, it’s passed without further evaluation. Otherwise, it’s evaluated based on the firewall’s rule set for new connections. This can protect against denial of service attacks and other malicious activities, but it’s vulnerable to certain types of attack.
Circuit-level gateways operate at the session OSI layer and monitor TCP (Transmission Control Protocol) handshakes between hosts to approve or deny traffic quickly. This simple firewall type can protect against some malware and other threats, but doesn’t offer logging or access control features.