BotNet News

Firewalls have been around for decades, evolving with the technology they protect. They started out as packet filters, examining packets of data that travel between networks to check for malicious activity. Virus attacks in the late 1980s drove the creation of anti-virus products, while hacker exploits of applications in the mid 1990s led to Intrusion Prevention Systems (IPS) products.

The latest generation of firewalls combines traditional firewall capabilities with application awareness and an advanced IPS to deliver comprehensive network protection. Next-generation firewalls (NGFW) can also identify threats at the source and automatically reassign firewall resources during unexpected peak traffic conditions, keeping them optimized under any circumstance.

When a packet arrives, the firewall compares it to its ruleset and determines whether it complies with security policies. The ruleset can be based on several things indicated in the packet, including its source and destination IP addresses and ports, the protocol used (Transmission Control Protocol or User Datagram Protocol) and its content. For example, a firewall rule can specify that an employee in the human resources department is not allowed to upload credit card information to Dropbox or any other external website.

In addition to secure setup and configuration, effective firewall management involves establishing a consistent patching process. Firewalls must be updated to prevent the exploitation of unknown vulnerabilities, like those exposed in the ArcaneDoorcampaign, which targeted Cisco’s Adaptive Security Appliances. Moreover, regular review of logs and alerts can help reduce the risk of misconfiguration and keep policy aligned with real-world needs.