BotNet News

Your source for Online Security News

Firewalls protect your network against attacks by examining data packets that flow into and out of devices – and only allowing those with valid needs to access them. They can be hardware (like the router that carries internet from your internet service provider to your home or office), or software (like Windows or macOS firewalls). It is vital that they are properly configured, backed up and updated regularly, and monitored for threats and vulnerabilities. Firewalls are the most public-facing part of any network, making them the biggest targets for hackers.

Firewall tools are governed by rules that decide whether to allow or deny traffic into an enterprise network based on parameters such as source and destination IP addresses, port numbers, communication protocols, etc. These individual rules are nested together to form Access Control Lists (ACL). When data packets enter or leave a device, the firewall tool compares them against the ACL rules in order and either allows or denies them.

While the first generation of firewalls that emerged in the late 1980s used simple packet filtering to examine each data packet on a case-by-case basis, second-generation stateful inspection tools built on this architecture to better understand connections and their behavior. This improved security by taking a macro view of data packets and their relationships to long-term device and connection histories.

This enhanced visibility is the foundation of what’s known as a next-generation firewall, or NGFW. NGFWs are designed to scale easily and automatically, support agile security operations, and offer cloud-native capabilities like secure containerization and multi-tenancy.