A firewall is a network security device that acts as the gatekeeper for your computer, device, or network. It monitors and screens traffic to and from your device and prevents any unauthorized access to your files. When a firewall is doing its job effectively, it prevents cyber-attackers from infiltrating your device and protects your private data from being stolen.

Most personal computers are sold pre-installed with a basic firewall in their operating system, but they usually only offer a limited level of security. For businesses, organizations, and individuals who have higher and specialized security needs, other types of firewalls might be needed to protect data from security threats. From proxy firewall and packet filtering to stateful inspection firewall, unified threat management firewall, next generation firewall, threat focused firewall, virtual firewall, and cloud native firewall, each type of firewall comes with their own set of features and advantages to serve a unique purpose.

In this blog, we will go over what each of these firewalls are, their use and benefits, as well as how to select the right product to maximize your internet and network security.

What is a Firewall image

What do Firewalls do?

Digital devices and the internet have overtaken almost every aspect of our day-to-day lives. The global number of internet users has increased substantially in the last 20 years - from 413 million in 2000 to over 4.6 billion users now in 2022. While the efficiency and convenience of technology continues to improve, the threat and predominance of malicious software has also advanced at an alarming rate. Individuals and businesses are almost always exposed to security threats when they are connected to the internet or a network. As a countermeasure, firewalls act as the first line of defence that protects your data from being stolen when using a computer or digital device.

Simply put, internet firewalls provide security by preventing unauthorized access into or out of a computer network. They are like the immigrations and customs department that guards the border of a country. They utilize a specific set of pre-established security rules to decide what can come in and what can go out. They detect suspicious and unauthorized traffic (such as a cyberattack) and block them from entering your network or device.

History of Firewalls

Gen 1 – Late 1980s: Packet-Filter Firewalls

The first generation of firewalls was developed by Digital Equipment Corporation (DEC) in 1988. This generation is often known as the Packet-Filter Firewall as they perform inspection on the packets of information transferred between different computers on a network. The packet filter had a set of rules that governed what is allowed to pass and what is not. While they employed similar principles to the firewalls we have today, their functions and features were far less sophisticated as the threats they dealt with were nowhere as complex as the ones today.

Gen 2 – 1990s: Stateful Firewalls

Unlike the previous generation, these firewalls monitored the session and connection state of packets, which provided deeper packet inspection and improved security for computers and networks.

Gen 3 – 2000s: Application Layer Firewall

As the internet developed and gained global prominence in the 1990s, so too did cyber threats. Many businesses were affected by cyber-attacks and desperately demanded better security options. Application Layer Firewalls were developed during this time to deal with newer internet threats. They ran on the application layer and could inspect all data passing through the running software. They manage applications that send and receive data on the internet, such as web browsers.

Next Gen – From 2010s onward: Sandboxing, Machine Learning & More

The internet has become a daily tool for most people in the world. Cloud technology gradually replaced the need for data centers. As our technology continued to advance, large-scale and evasive attacks became more common than ever as hackers began using AI and bots to multiply the magnitude of their attacks. Next Generation Firewalls (NGFW) that combine newer technology like sandboxing, machine learning, and advanced malware detection are developed as a countermeasure to newer and more complex cyber threats.

How do firewalls work?

While the capabilities of firewalls have improved drastically throughout the years, their primary function remains to act as a gatekeeper and determine which traffic should be allowed or restricted based on a set of rules. Most firewalls do this by using protection methods such as:

  • Packet-Filtering – Comparing packets of data against filters that are designed to identify malicious data. Data packets that meet the criteria of a threat will not be allowed to pass through.
  • Proxy Service – This method creates an intermediary gateway that prevents direct contact between users and the internet. It also obscures the protected network’s architecture and hides private IP addresses from external users to provide extra protection.
  • Stateful Inspection – Besides inspecting every incoming and outgoing data packet, this method also checks for the origin of the data, the ports they use, and applications that are involved. It also collects information about previous data packets to better prevent threats in the future.
  • NAT (Network and Port Address Translation) – This method changes the IP address to improve security and decrease the number of addresses a business or organization needs.

On top of these traditional methods of protection, newer and more advanced firewalls like Sangfor NGAF utilize cutting-edge technology like intrusion detection systems (IDS), intrusion prevention systems (IPS), behavioral analysis of traffic, and threat signature or unusual network activity to provide deeper inspection and improved packet-content filtering of all network traffic. Modern firewalls like Sangfor NGAF also provide a degree of VPN support to further improve security when connected to the internet.

Web Application Firewalls & Network Firewalls

Firewalls can be further divided into two major categories – application firewalls and network firewalls. They each offer protection against a different set of threats and operate in very different ways. It’s important to understand their differences when choosing the best security solution for your organization.

  • Web Application Firewalls (WAF) – This type of firewall provides application layer inspection and offer great protection against internet threats and web-based attacks targeted at applications. They detect and blocks any malicious HTTP requests and prevent them from reaching users and web applications. They are designed to protect against cyber threats like DDoS, SQL injection, and cross-site scripting, but do not protect against network layer attacks.
  • Network Firewalls – This type of firewall enhances security by protecting a private network from unauthorized access. They typically offer protection against a wider range of traffic types than WAFs, and do well against network threats like unauthorized access, MITM attacks, and privilege escalation.

It’s important to understand that these firewalls complement each other and only a combination of both can give you a full range of protection. In the past, organizations would have to purchase two separate firewall products to cover all the various threats they might be exposed to. Next-generation firewalls like Sangfor NGAF, however, combine the capabilities of network firewalls and WAFs to provide a much more efficient and cost-effective solution.

The Importance of NAT and VPN

When selecting a firewall for your organization, it’s also important to look for NAT (Network Address Translation) and VPN (Virtual Private Network)  features and compatibility. As businesses and organizations rely more and more on the internet for their daily operation, NAT and VPN features can help mask an organization’s private IP address and hides their activity from the public. While they cannot replace firewalls on their own, the wide range of benefits that they offer, like data encryption, location hiding, and protecting your identity from webmasters, can further heighten a business or organization’s privacy and network security.

Firewall vs Antivirus

Firewalls and antivirus software are two different types of products that perform very different functions but are often confused for one another. While both tools are essential in today’s business environment, assuming that an antivirus software can do the work of a firewall for your organization would be a fatal mistake that can lead to disastrous consequences.

Key differences between the two include:

Firewall Antivirus
  • Acts as a first line of defence that focuses on preventing external threats
  • Deals with threats from all incoming packets of data
  • Protects the system from all kinds of threats, including cyber attacks
  • Main function is to monitor traffic and restrict unauthorized entry
  • Scans system for infected files and software, mainly deals with internal threats
  • Deals primarily with threats from malicious software
  • Focuses on threats from malicious software only
  • Main function is to scan, detect, and remove existing threats inside the computer system

Pros and Cons of Firewalls

According to an FBI report, US-based businesses lost approximately $6.5 billion dollars to cybercrime in the year 2021 alone. No business or individual is exempt from cyber threats in today’s world, and it is absolutely essential for any organization to be equipped with a firewall. With that said, there are no real cons to owning a firewall, but only challenges and constraints that may require special solutions.

Pros Cons
  • Protection against hackers, cyber-attacks, and unauthorized remote access
  • Better privacy and security for your organization
  • Enhances VOIP phone reliability
  • Might be expensive for some organizations
  • Often need to be managed by IT professionals
  • Cannot fix all cyber security problems (e.g. Antivirus software would still be needed at the individual system level to scan for existing viruses, etc.)
  • Can sometimes slow down your internet connection

Open-source options

Different organizations have varying cyber security needs and not all businesses are ready to spend on an enterprise-grade firewall for better protection. If your organization is satisfied with just a basic level of network security, open-source firewalls like IPFire and pfSense might be great solutions to help you save on costs.

For more information on how to choose a firewall for your business, check out our enterprise firewall buyer’s guide here. If you are looking to upgrade your network security with an all-round and comprehensive firewall that can protect your business from 99% of cyber security threats, be sure to visit the Sangfor NGAF product page to learn more about its features and capabilities, advantages, customer success stories, data sheets, and more.

 

Contact Us for Business Inquiry

Listen To This Post

Search

Get in Touch

Get in Touch with Sangfor Team for Business Inquiry

Related Glossaries

Cyber Security

What Is SASE? Definition, Benefits, and Uses

Date : 26 Jan 2023
Read Now

Cyber Security

What Is A Business Intelligence Platform? (A Guide to BI Platforms)

Date : 09 Jan 2023
Read Now

Cyber Security

What is Next Generation Firewall (NGFW)? 

Date : 09 Jan 2023
Read Now

See Other Product

Cyber Command - NDR Platform
Endpoint Secure
Internet Access Gateway (IAG)
NGAF - Next Generation Firewall (NGFW)
Platform-X
SASE Access
icon notification