What is a Firewall?
Firewalls are networks that protect internal systems from cyber attacks by vetting all data packets (pieces of information for internet transfer) entering and exiting the guarded network. They prevent malicious connections by comparing incoming data with a set of pre-configured rules and, once a potential threat is detected, allowing or disallowing the packet to pass or rejecting it.
The technology behind firewalls evolved to meet changing threats throughout the years. Firewalls are available in both hardware and software form to prevent unauthorized access to your computer or network. Firewalls are often combined with other security measures to enhance the overall defense system, such as antivirus or intrusion prevention systems products.
Modern firewalls can be categorized by the layer of the OSI model they operate at. For example, circuit level firewalls, such as those developed by Reid, Vixie, and Mogul at Digital Equipment Corp in the late 1980s, work at the session layer of the OSI model, which vets connections before they enter the transport layer.
Packet filtering is one of the earliest types of firewalls. As the name suggests, these firewalls inspect data packets at the transmission control protocol/user datagram protocol (TCP/UDP) layer, which includes the communication between applications. If a packet contains malicious code, the firewall halts it before it can infect any other devices or computers.
Stateful inspection, which is sometimes referred to as “dynamic firewall,” is another early type of firewall. These firewalls keep a table of all active connections and compare new data packets to existing ones. If a packet matches an established connection, the firewall lets it through without further analysis. If it doesn’t, the firewall examines it using the rules set for new connections. More recent advancements include unified threat management (UTM) firewalls, which incorporate traditional firewall capabilities with application-layer filtering and integrated IDS/IPS.