A firewall can be described as a network security system whose function is to control and monitor incoming and outgoing networks. A firewall is based on predetermined security rules. It acts as a barrier securing an inner network from an outer network, for instance, internet. Network firewall is a software appliance running on hardware based firewall used to filter traffic on more than two networks. A layer of software protection is provided by a host based firewall on one of the hosts that is responsible for network traffic. Routers are used to separate different broadcast domains and pass data between networks, these networks contain firewall components and also performs basic routing functions.
Types of Firewalls
Application layer firewalls are responsible for metadata as well as actual data transportation. They work on certain protocols such as HTTP and FTP, and look after the data for validation.
Packets can be defined as small pieces of data traveling along the internet. Metadata is attached to each packet for the identification of the respective data inlet and outlet. According to the rules, some packets are rejected or dropped. All the firewalls have the ability to perform this activity known as network layering.
Stateful Packet inspection
It performs the track of connections in addition to simple packet filtering. A packet performs two functions, either it’s part of a new or existing connection or else it can be dropped.
Use of Next-generation firewalls (NGFW)
Next Generation Firewalls came into the picture due to some limitations in Stateful Packet Inspection as it does not inspect network packets containing data payload and also due to high network traffic, it uses web protocols, including business and non-business applications. New approaches have been added by security vendors, including deep packet and inspection intrusion prevention, for the detection of malware in network traffic.
This can be a drawback too as these approaches add more and more devices that add latency, as these packets are passed from one appliance to the other. These devices should be configured in some unified threat management systems so that multiple functions can be handled in a single platform. NGFW helps address application awareness drawbacks and traffic inspection, without hampering performance.
There are several firewalls designed according to Internet-centric systems to meet performance and security requirements. It should be kept in mind that deploying a series of firewalls increases the difficulty of obtaining unauthorised access to sensitive resources on the Internet. At the same time, it increases the complexity and maintenance of infrastructure. Designing of networks depends on the nature of applications and risks being mitigated via security parameters around your servers.
Given the facts in this blog, it can be concluded that firewalls, being an important part of security, cannot be expected to perform all security function requirements in isolation.