It’s been around thirty years since the concept of a network firewall was introduced. Since then, network firewalls have been an essential security tool for enterprise network security departments. In essence, a firewall filters out malicious traffic before it enters the network security perimeter, and it has proven very effective in boosting network security over all these decades. However, today’s advanced firewalls are not the same as the ones first developed. They have evolved dramatically in terms of capabilities, features, add-ons, and deployment options.
Types of Network Firewalls
There are generally 5 types of network firewalls, namely:
• Packet-Filtering Firewall – filters all traffic based on IP address or port information
• Circuit-Level Gateway – only processes requested transactions and rejects other traffic
• Application-Level Gateway (also called proxy firewall) – functions as the only entry point and exit point from the network
• Stateful Inspection Firewall – examines each packet and tracks whether the packet is part of an established TCP or other network session
• Next-Generation Firewall (NGFW) – combines deep packet inspection (DPI) with malware filtering and other controls, and tracks all traffic from Layer 2 to the application layer
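The difference between the packet-filtering and stateful inspection types listed above, shown as an added example (not code from the original article): a simplified Python model in which both firewalls apply the same outbound-HTTPS policy to constructed packets. The addresses, the `10.0.0.` internal prefix, and all function and class names are assumptions made for illustration.

```python
from collections import namedtuple

# Constructed sample packets; external addresses are documentation ranges.
Packet = namedtuple("Packet", "src sport dst dport flags")

def is_inside(ip):
    return ip.startswith("10.0.0.")  # assumed internal prefix

def packet_filter(pkt):
    """Stateless rule set: judge each packet on addresses and ports alone."""
    if is_inside(pkt.src):
        return pkt.dport == 443            # outbound HTTPS permitted
    # Inbound: permit anything that *looks* like an HTTPS reply.
    return pkt.sport == 443 and pkt.dport >= 1024

class StatefulFirewall:
    """Tracks TCP sessions opened from inside; inbound must match one."""
    def __init__(self):
        self.sessions = set()  # (inside_ip, inside_port, outside_ip, outside_port)

    def inspect(self, pkt):
        if is_inside(pkt.src):
            if pkt.dport != 443:
                return False
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if pkt.flags == "SYN":
                self.sessions.add(key)      # new outbound connection
            elif key not in self.sessions:
                return False                # mid-stream packet without a session
            if "RST" in pkt.flags or "FIN" in pkt.flags:
                self.sessions.discard(key)  # simplified teardown
            return True
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return key in self.sessions         # reply to a tracked session only

TRAFFIC = [
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "SYN"),
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "SYN-ACK"),
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "ACK"),
    Packet("198.51.100.7", 443, "10.0.0.5", 50001, "ACK"),  # unsolicited
]

def compare(traffic):
    fw = StatefulFirewall()
    return [(packet_filter(p), fw.inspect(p)) for p in traffic]

if __name__ == "__main__":
    for pkt, verdict in zip(TRAFFIC, compare(TRAFFIC)):
        print(pkt, "stateless=%s stateful=%s" % verdict)
```

The last packet passes the stateless rules because its ports match the reply pattern, while the stateful firewall drops it because no inside host opened that session.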
However, when it comes to delivery and deployment, you can categorize all firewalls into 3 categories:
• Hardware-based firewall
• Software-based firewall
• Cloud/Hosted firewall
Hardware-Based Firewalls
• These firewalls come as physical appliances that act as a secure gateway between devices installed inside the network perimeter and the ones outside it.
• These appliances are self-contained devices, and they don’t consume the processing power or other resources of host devices.
• Also known as network-based firewalls, these appliances are ideal for medium and large organizations that want to protect several devices.
• They need network engineers with in-depth knowledge to configure and manage.
Software-Based Firewalls
• Also called host firewalls, these firewalls run on a server or other devices.
• These firewalls must be installed on each device to protect it against threats.
• As they run on a server or another device, they consume some of the host device’s CPU and RAM resources.
• They are ideal for protecting individual devices against viruses and malicious content.
• They can differentiate between several programs running on the host device while filtering the inbound and outbound traffic.
• These firewalls offer a granular level of control and protection, making it possible to allow communications to/from one program but block them to/from another.
Cloud Firewall/Firewall-as-a-Service
Cloud-based firewalls are offered by managed security service providers (MSSPs). These firewalls can be configured to track both internal activity and third-party on-demand environments. They can be fully managed by an MSSP, which makes them a good option for large or highly distributed enterprises with gaps in security resources. They can also be beneficial for SMEs with limited staff and expertise.
Often, organizations need more than one type of firewall to provide enhanced and comprehensive security for their systems and data.
How to Choose the Most Suitable Firewalls for My Organization
When choosing firewalls, it can be quite confusing to pick one or more of them without any guidance. The firewall that is best for one business might not be a great option for another business. To make your selection process easier, ask the following questions.
• What are the technical security objectives of the firewall?
• Which type of firewall best fits the organization’s architecture?
• What kind of traffic inspections do you need?
• Does a firewall come with features like antivirus, intrusion protection, and VPN capabilities?