BotNet News

Your source for Online Security News

Firewall

Firewalls are a critical component of network security and play an important role in protecting sensitive data, preventing cyber attacks, and maintaining the integrity of computer systems and networks. A firewall is a hardware or software solution that sits at the boundary of a network and inspects both incoming and outgoing data packets to determine whether they are malicious. Firewalls are a key part of a layered approach to network security and work best when deployed in combination with other solutions.

There are many different firewall types that use varying methods to filter out unwanted traffic and data. These are grouped into categories that focus on what they protect – network-based firewalls guard entire networks and are often hardware while host-based firewalls protect individual computers — known as hosts — within the network and are typically software.

Other firewall types include packet filtering, stateful inspection, and application firewalls (also referred to as proxy firewalls). Packet-filtering analyzes each data packet in isolation, and does not consider the context of the connection that created it. This is a simple and resource-efficient method, but it’s susceptible to certain vulnerabilities like the one that allowed a nation-state actor to infiltrate U.S. agencies in late 2017.

Stateful inspection monitors active network connection sessions, sorting and analyzing each incoming or outgoing packet based on characteristics like destination ports and HTTP request strings. This is an effective method for vetting existing connections, but it’s vulnerable to denial of service (DoS) attacks that leverage established connections that this type of firewall assumes are safe.