A firewall is either a software program or piece of hardware that acts as a network security device monitoring incoming and outgoing network traffic, helps screen out hackers, viruses, and worms that try to reach your computer over the Internet and decides whether to allow or block specific traffic based on a defined set of security rules.
They do this by establishing a barrier between secured and controlled internal network that can be trusted and an untrusted outside network.
This device acts as the gateway between networks for a specific application. Proxy servers are also able to conduct content caching and security by stopping any outside networks from connecting directly.
Stateful Inspection Firewall
This is the most common firewall for household computers. It regulates traffic based on state, port, and protocol. Activity is monitored from the opening of a connection until it is closed. The administrator decides on the parameters for filtering as well as context or the history of previous connections and packets belonging to the same connection.
Unified Threat Management (UTM) Firewall
This is essentially a combination of the functions conducted by stateful inspection firewall with intrusion prevention and antivirus. Additional services can include cloud management. UTMs are very easy to use and have a focus on simplicity.
Next-Generation Firewall (NGFW)
Gartner, Inc.'s defines a next-generation firewall as a firewall that includes:
- Application awareness and control so as to block risky apps
- Stateful inspections
- Integrated intrusion prevention
- Techniques to assess the evolution of security threats
- Upgrade paths to include future information feeds
These are by no means the exhaustive list of the features of the NGFWs.
Added to the features of the capabilities found in a traditional NGFW and also include an advanced threat detection and remediation capability as well as:
- Speedy reacting to attacks with intelligent security automation that sets policies and hardens your defenses in a dynamic manner.
- Lists assets by their risk criteria with complete context awareness.
- Improved detection of suspicious or evasive activity with network endpoint event correlation.
- Time from detection to clean up is improved substantially with retrospective security that continuously monitors for suspicious activity and behaviour beyond the initial inspection.
- Administrative ease and reduced complexity with unified policies that protect across the entire attack continuum.
If you use a computer at home, the most effective and important first step you can take to help protect your computer is to turn on a firewall.
Ultimately understanding the true state of your firewall security is not only good for minimizing network risks, it can also be beneficial in terms of documenting your network, tweaking its architecture, and fine-tuning some of your standards, policies, and procedures that involve security hardening, change management, and the like.
Thank you for visiting Base64. Should you have any comments, please share them in the section provided below!