Types of Firewalls
Firewalls protect networks from cyberattacks by blocking suspicious traffic that may lead to a malware infection. They are also used to prevent unwanted access by unauthorized users. Firewalls are designed to inspect data packets entering and leaving a network and determine whether they should be allowed or blocked based on pre-established security rules. Firewalls filter network traffic and analyze it based on several aspects indicated by the packet, like its source, destination, and content.
The firewall filters data packets and matches it with a set of rules, which is a table of actions to be taken. Once a match is made, the associated action will be executed and only then the incoming or outgoing network traffic will pass. Firewalls are often integrated with network monitoring tools to detect anomalous behavior. For example, if a system administrator’s password has been changed, the monitoring software will send an alert to the IT team so they can take action and block the unauthorized user.
Packet-filtering firewalls are the oldest type of firewall and work by examining the header information that makes up each piece of data packet. This is the most basic form of protection and is best suited for smaller networks.
Stateful inspection firewalls are more advanced than the packet-filtering firewalls, allowing them to vet connections at the network layer and determine which types of traffic should be permitted and denied based on previous interactions. They can be found in large and mid-sized organizations.