BotNet News

Firewalls provide many benefits, including blocking malicious traffic, enforcing access controls and providing visibility into network activity. Each firewall type has a specific set of features that offer unique protection capabilities.

Packet Filtering

Packet-filtering firewalls inspect each data packet individually and allow or block it based on predetermined rules. These systems are typically located inline at junction points of network connections, or on internal networks, at the edges where they monitor traffic between internal segments.

Stateful Inspection (Dynamic Packet Filtering)

As network threats evolved, a new generation of firewalls emerged to meet the demand for greater security. Known as stateful firewalls, these systems use a database to track the state of active connections and evaluate traffic in context. These systems are more robust than basic packet filtering, as they compare multiple attributes such as source, destination, and connection protocol with established criteria to allow or block traffic.
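The difference between packet filtering and stateful inspection, as an added example that is not part of the original article: a simplified Python model in which a static rule set and a connection-tracking firewall judge the same constructed packets. The packet fields, the address ranges and the HTTPS-only policy are assumptions made for illustration.

```python
from collections import namedtuple

# Constructed packet model; all addresses and ports are sample values.
Packet = namedtuple("Packet", "src sport dst dport flags")

def inside(ip):
    return ip.startswith("10.0.0.")  # assumed internal range

def stateless_filter(pkt):
    """Packet filtering: each packet is judged alone against static rules."""
    if inside(pkt.src) and pkt.dport == 443:
        return "allow"  # outbound HTTPS
    if inside(pkt.dst) and pkt.sport == 443:
        return "allow"  # presumed reply; the filter cannot confirm it
    return "block"

class StatefulFirewall:
    """Stateful inspection: inbound packets must match a tracked connection."""
    def __init__(self):
        self.connections = set()  # (client, client_port, server, server_port)

    def check(self, pkt):
        if inside(pkt.src):
            if pkt.dport != 443:
                return "block"
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if pkt.flags == "SYN":
                self.connections.add(key)      # client opens a connection
            elif pkt.flags == "RST":
                self.connections.discard(key)  # client tears it down
            return "allow"
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "allow" if key in self.connections else "block"

def compare(packets):
    """Return (stateless, stateful) verdicts for each packet in order."""
    fw = StatefulFirewall()
    return [(stateless_filter(p), fw.check(p)) for p in packets]

SAMPLE = [  # constructed traffic
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "SYN"),      # client opens
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "SYN-ACK"),  # genuine reply
    Packet("198.51.100.7", 443, "10.0.0.9", 3389, "ACK"),       # unsolicited
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "RST"),      # client closes
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "ACK"),      # after close
]

if __name__ == "__main__":
    for pkt, verdicts in zip(SAMPLE, compare(SAMPLE)):
        print(pkt, verdicts)
```

The static rules pass the third and fifth packets because their source port looks like a reply, while the connection table rejects both because no matching connection is active.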

Application Gateways (Proxy Services)

As a result of increased web-based threats, third-generation firewalls—or application layer firewalls—enable more granular control by monitoring the actual content of network traffic between clients and servers. These systems function as intermediaries and examine all communication requests in both directions.

Many third-generation firewalls integrate User ID technology, which enables them to link a user’s login information to their network activities. This enables the firewall to apply rules and policies based on user groups, roles or individual users rather than on network topology alone. For example, a school may wish to restrict students' access to its social media server, and this can be done by configuring the firewall to rely on directory services like LDAP, RADIUS or Active Directory for user group memberships.