What is a Firewall?
Either a hardware or software-based, a firewall is a network security device that keeps a check of all the incoming and outgoing traffic and accepts, rejects or drops that specific traffic based on a defined set of security rules. Between a secured internal network and an outside un-trusted network, the technology of a firewall acts as a blockage. AN un-trusted network can majorly be referred to as an internet connection.
The security of the network was performed previously by Access Control Lists before the introduction of firewall technology. The determination of whether network access should be granted or denied to a specific IP address is been done by a set of rules and these set of rules are known as Access Control Lists or ALC. But, it is to be noted that alone Access Control Lists cannot determine the nature of the packet it is blocking and also do not own the capacity to keep threats out of the network. Thus arises the need for a firewall.
A network traffic can be either outgoing or incoming depending upon the perspective of a server. The technology of a firewall maintains a distinct set of rules for both the cases. In most of the cases, the outgoing traffic that is produced from the server itself is permitted to pass. Yet, setting the rule on outgoing traffic is always preferred with an aim to achieve increased security and protect the unwanted communication.
On the other side, the treatment for incoming traffic has been different. TCP, UDP or ICMP are the three major transport layer protocols and a majority of the traffic which reaches the firewall is through one of these three major Transport Layer protocols-. All these types own a source address and a destination address. Apart from this, the TCP and UDP also own port numbers. ICMP makes use of type code instead of port number and it identifies the purpose of that packet.
Types of Firewalls :
There exist two types of firewalls named hardware firewalls and software firewalls.
1. Hardware Fireballs
These are the physical devices that are been placed between the internet and the computer. Hardware fireballs are separate devices that often require professional support for configuration and maintenance and this happens to be the prime disadvantage of the hardware fireballs.
2. Software Fireballs
Unlike hardware, the software fireballs are digital in nature. These fireballs are able to control the internet access and behaviour of programs on the computer. Even though a majority of operating systems (OSs) include a basic built-in software firewall feature these digital fireballs are also available separately from computer stores and trusted online vendors.
What are the different generations of firewall technology?
The technology of firewalls can be segmented based on the different generations of it and currently, the technology holds a total of four generations.
First Generation – Packet Filtering Firewall
Through the means of monitoring outgoing and incoming packets and allowing them to pass or stop based on source and destination IP address, protocols and ports the use of a packet filtering firewall takes place to control the access of the network. Packet firewalls own no ability to tell whether a packet is part of an existing stream of traffic and thus they treat each packet in isolation. It only can allow or deny the packets based on unique packet headers.
Second Generation- Stateful Inspection Firewall
This second generation firewall is much more efficient than the first generation as it owns the ability to determine the connection state of a packet, unlike a Packet filtering firewall. It ensures the keeping of track of the state of networks connection travelling across it, such as TCP streams. Thus, not only on the packet’s history in the state table but, the filtering decisions would not only be based on defined rules.
Third Generation- Application Layer Firewall
Inspecting and filtering the packets on any OSI layer, up to the application layer is possible in the third generation application layer firewall. These generation firewalls are hosts that run proxy servers. The direct connection between either side of the firewall is been prevented by proxy firewalls. This generation firewall can permit or block the traffic based on predefined rules.
Next Generation Firewalls
In order to prevent the modern security breaches like advanced malware attacks and application-layer attacks the deployment of Next Generation Firewalls have taken place. Deep Packet Inspection, Application Inspection, SSL/SSH inspection and many functionalities are the contents of Next Generation Firewalls. It protects the network from these modern threats.
The protection of your digital data holds an important role in the upgrading of your business entity. Internet criminals often will be constantly in search of the computer systems that are unprotected through the means of digital security technologies like a firewall. The crimes such as ransomware attacks on the computers of various business computer systems are a result of the systems being unprotected through various security types. Even though no technology can guarantee 100% security to your system but the technology of fireballs will ensure the protection to a major extent. Thus, it is always advised on the part of the firms to integrate the technology of firewall to make sure you ow a safer running of your business system through the means of digital technology.
To Know More Visit On : Ammah Techsavvy