
Firewalls have been around for 30 years or more and are as essential to the security of your business network today as they were when they first appeared, if not more so. A firewall filters out malicious traffic before it crosses the network perimeter, and it also acts as a way to manage the users who are on your network.
There are five types of firewall:
- Packet filtering firewall
- Circuit-level gateway
- Application-level firewall (also known as a proxy firewall)
- Stateful inspection firewall
- Next-generation firewall (NGFW)
Firewalls now offer many features beyond standard firewall functionality, including intrusion detection or prevention, denial-of-service (DoS/DDoS) attack protection, session monitoring and more.
What is the difference between the various firewall types?
1. Packet-filtering firewall
These firewalls compare each packet they receive against a set of established criteria; any packet that does not meet the criteria is dropped. The criteria a packet-filtering firewall uses include the source and destination IP addresses, the packet type and the port numbers, among other elements of the protocol headers.
These firewalls aren’t resource intensive, so they don’t have a big negative effect on system performance, and they are quite simple to implement. However, because they judge each packet in isolation, with no memory of the session it belongs to, they are just as easy to bypass and therefore aren’t the most secure.
2. Circuit-level gateway
A circuit-level gateway monitors TCP handshakes and other network protocol session initiation messages on the network between the local and remote hosts, using this information to establish whether a session is legitimate or not.
These firewalls are very resource-efficient, but because they do not inspect the packet itself, a packet containing malware would pass through as long as the TCP handshake was correct.
3. Application-level gateway
This device is often referred to as a proxy firewall and functions as the only entry and exit point from the network. This firewall filters packets by the service for which it is intended as well as by other characteristics, such as the HTTP request string.
It is similar to the stateful inspection firewall in that it looks at both the packet and the TCP handshake, but it goes a step further by performing deep packet inspection, checking the actual contents of the packet to verify that it contains no malware.
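To show what "filtering by the HTTP request string" looks like in practice, here is a small application-layer check of the kind a proxy firewall performs before forwarding a request to the server behind it. This is an added example written for this article, not code from any firewall product; the policy constants (allowed methods, the single allowed host, the header size limit) and the sample requests are constructed for the demonstration.

```python
import posixpath
from urllib.parse import unquote, urlsplit

# Policy for a hypothetical proxy in front of one internal web server (constructed for this example)
ALLOWED_METHODS = {"GET", "HEAD", "POST"}
ALLOWED_HOSTS = {"www.example.com"}
MAX_HEAD_BYTES = 8192          # upper bound on request line plus headers


def parse_request(raw: bytes):
    """Split a raw HTTP/1.1 request into (method, target, headers, body); raises ValueError if malformed."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("request head not terminated")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError("bad request line")
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon:
            raise ValueError("bad header line")
        headers[name.strip().lower()] = value.strip()
    return parts[0], parts[1], headers, body


def inspect_request(raw: bytes):
    """Return ("forward", reason) or ("block", reason) for one client request."""
    if len(raw.partition(b"\r\n\r\n")[0]) > MAX_HEAD_BYTES:
        return "block", "request head exceeds size limit"
    try:
        method, target, headers, body = parse_request(raw)
    except ValueError as exc:
        return "block", f"malformed request: {exc}"
    if method not in ALLOWED_METHODS:
        return "block", f"method {method} not permitted"
    if headers.get("host") not in ALLOWED_HOSTS:
        return "block", "host header not in allow-list"
    # Decode percent-encoding first so an encoded ".." is judged the same way as a literal one
    path = unquote(urlsplit(target).path)
    if ".." in path.split("/"):
        return "block", "path traversal attempt"
    # The body must match the declared length; a mismatch is how a second request gets hidden behind the first
    try:
        declared = int(headers.get("content-length", "0"))
    except ValueError:
        return "block", "content-length not numeric"
    if declared != len(body):
        return "block", "content-length does not match body"
    return "forward", f"{method} {posixpath.normpath(path)}"


# Constructed sample requests, one clean and three that the proxy should refuse
SAMPLE_REQUESTS = {
    "normal": b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n",
    "traversal": b"GET /static/%2e%2e/%2e%2e/private/config.ini HTTP/1.1\r\nHost: www.example.com\r\n\r\n",
    "bad method": b"TRACE / HTTP/1.1\r\nHost: www.example.com\r\n\r\n",
    "length mismatch": b"POST /login HTTP/1.1\r\nHost: www.example.com\r\nContent-Length: 4\r\n\r\nuser=a",
}


def run_samples():
    """Verdict for each sample request, keyed by scenario name."""
    return {name: inspect_request(raw)[0] for name, raw in SAMPLE_REQUESTS.items()}


if __name__ == "__main__":
    for name, raw in SAMPLE_REQUESTS.items():
        print(f"{name:16} -> {inspect_request(raw)}")
```

A real proxy also terminates the TCP connection on both sides and rebuilds the request before sending it on, which is why this type of firewall costs more in resources than a packet filter; the checks above are the part that a header-only filter simply cannot perform.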
4. Stateful-inspection firewall
A stateful inspection firewall examines each packet and also tracks whether the packet is part of an established TCP or other network session.
These firewalls are better than packet-filtering and circuit-level firewalls; however, they are quite resource intensive and thus put a strain on computing resources.
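The difference between the packet-filtering firewall in section 1 and the stateful inspection firewall in section 4 is easiest to see side by side. The following added example, written for this article rather than taken from any product, runs the same three packets through a stateless rule matcher and a stateful session tracker. The packet and rule classes, the 10.0.0.0/24 internal network and the addresses in the sample traffic are all constructed for the demonstration; the stateless rule set has to admit inbound traffic to every high port just so that replies can get back in, which is exactly the gap a stateful firewall closes by remembering which sessions the inside opened.

```python
import ipaddress
from dataclasses import dataclass
from typing import FrozenSet, List, Optional, Tuple

ANY = "0.0.0.0/0"
INSIDE = "10.0.0.0/24"   # constructed internal network for this example


@dataclass(frozen=True)
class Packet:
    """Only the header fields a filter looks at (constructed representation, not a real parser)."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"
    flags: FrozenSet[str] = frozenset()   # TCP control flags, e.g. {"SYN"} or {"SYN", "ACK"}


@dataclass(frozen=True)
class Rule:
    action: str                                   # "allow" or "drop"
    proto: str = "any"
    src_net: str = ANY
    dst_net: str = ANY
    dst_ports: Optional[Tuple[int, int]] = None   # inclusive port range; None matches any port

    def matches(self, pkt: Packet) -> bool:
        if self.proto != "any" and self.proto != pkt.proto:
            return False
        if ipaddress.ip_address(pkt.src_ip) not in ipaddress.ip_network(self.src_net):
            return False
        if ipaddress.ip_address(pkt.dst_ip) not in ipaddress.ip_network(self.dst_net):
            return False
        if self.dst_ports is not None and not self.dst_ports[0] <= pkt.dst_port <= self.dst_ports[1]:
            return False
        return True


def stateless_filter(rules: List[Rule], pkt: Packet, default: str = "drop") -> str:
    """Packet-filtering firewall: first matching rule wins, each packet judged on its own headers."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


class StatefulFilter:
    """Stateful inspection: remembers TCP sessions opened by a permitted SYN and admits their traffic both ways."""

    def __init__(self, rules: List[Rule]):
        self.rules = rules
        self.sessions = set()   # (src_ip, src_port, dst_ip, dst_port) of each opening SYN

    def process(self, pkt: Packet) -> str:
        fwd = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        rev = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        if fwd in self.sessions or rev in self.sessions:
            return "allow"                            # part of an established session
        if pkt.proto != "tcp":
            return stateless_filter(self.rules, pkt)  # no handshake to track; plain rules apply
        if pkt.flags == frozenset({"SYN"}) and stateless_filter(self.rules, pkt) == "allow":
            self.sessions.add(fwd)                    # new session opened by a permitted SYN
            return "allow"
        return "drop"                                 # anything else unsolicited is dropped


# Both rule sets are meant to let inside hosts reach HTTPS servers on the internet
STATELESS_RULES = [
    Rule("allow", "tcp", INSIDE, ANY, (443, 443)),
    Rule("allow", "tcp", ANY, INSIDE, (1024, 65535)),   # needed so the replies get back in
]
STATEFUL_RULES = [
    Rule("allow", "tcp", INSIDE, ANY, (443, 443)),       # replies are admitted by session state instead
]


def compare_filters():
    """Run the same three packets through both filters; returns {scenario: (stateless, stateful)}."""
    stateful = StatefulFilter(STATEFUL_RULES)
    traffic = [
        ("outbound SYN", Packet("10.0.0.7", 51000, "203.0.113.10", 443, flags=frozenset({"SYN"}))),
        ("reply SYN/ACK", Packet("203.0.113.10", 443, "10.0.0.7", 51000, flags=frozenset({"SYN", "ACK"}))),
        ("unsolicited probe", Packet("198.51.100.9", 40000, "10.0.0.7", 8080, flags=frozenset({"SYN"}))),
    ]
    return {name: (stateless_filter(STATELESS_RULES, pkt), stateful.process(pkt)) for name, pkt in traffic}


if __name__ == "__main__":
    for name, verdicts in compare_filters().items():
        print(f"{name:18} stateless={verdicts[0]:5} stateful={verdicts[1]}")
```

The third packet is the point: the stateless filter lets it in because port 8080 falls inside the high-port range it needs for legitimate replies, while the stateful filter drops it because no host on the inside ever opened that session. The cost is the session table, which is the "strain on computing resources" described above.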
5. Next-generation firewall
A next-generation firewall combines packet inspection and stateful inspection with some form of deep packet inspection, along with other security systems such as IDS/IPS, malware filtering and antivirus.
These firewalls are quite extensive in their functionality and offer a high level of security. However, next-generation firewalls differ from service provider to service provider, so it’s important to always check which features are included when investigating the implementation of one of these.
So which one should your business use?
You’re probably wondering which firewall you should use: a simple packet-filtering or circuit-level firewall that doesn’t affect your computing resources negatively, or the more robust protection of an application-level or next-generation firewall?
In today’s world of cyber crime, the answer is as many as are necessary. When it comes to protecting your business, you should have multiple layers of firewalls both at the perimeter and separating different devices on your network.
An example of a setup that protects your business at multiple layers would be a hardware or cloud firewall solution protecting the perimeter, with device-specific, software-based firewalls on each of the devices on your network.
By protecting your network at multiple layers, you make it harder for attackers to break in, keeping you and your data safer.