BotNet News

Firewalls monitor network traffic, block unauthorized connections and limit access to a protected area. They filter incoming and outgoing data based on a set of rules, and help control the flow of information between systems to prevent eavesdropping and advanced persistent threats (APTs). Firewalls can be installed at the perimeter of a business to guard against external threats, or they can be deployed within the network to create security segmentation and guard against insider attacks. Firewalls also perform logging and monitoring functions to provide cybersecurity intelligence, and their logs can be analyzed to identify patterns that can help improve firewall rules.

Originally, firewalls were physical hardware appliances that plugged into networks, but they can now run in software or in the cloud. They can be configured to meet specific requirements, or they can incorporate multiple functionalities like enterprise firewall capabilities, integrated intrusion detection and prevention systems, and application control into a single solution called a next generation firewall (NGFW).

Early firewalls used packet-filtering technology to check individual data packets. They compared the contents of data packets with a database of known attack patterns and made decisions to permit or block them. Then, in the late 1980s and early 1990s, AT&T Bell Labs researchers developed circuit-level gateway firewalls to vette ongoing connections without inspecting each data packet. These first-generation firewalls were limited by their ability to detect malicious activity, but they provided a solid foundation for future advancements. By the mid-2000s, stateful firewalls emerged, keeping track of active network sessions and relying on context to make better decisions about which data packets to allow or deny.