With easy access to the internet, our urgency for cyber security has intensified. It has become increasingly more difficult to keep your personal information off the web with Data breaches becoming more prevalent. As our day to day tasks continue to rely on the use of technology, our information is constantly being exchanged with servers and the cloud. Businesses top priorities include keeping their clients’ information private and secured from any potential web attacks. This is where firewalls come into the picture. Firewalls have become one of the top forms of securing information from being breached. It helps with the vetting of information coming to you in determining whether it’s safe or if it has malicious intent.
A firewall is a security device that filters incoming data based on a set of rules previously set. Based on the analysis of the data, it either blocks the data and protects your information; or it permits for the data to flow through. Think of it like airport security. The only way to get through TSA is by meeting the rules of having a ticket and having a valid form of identification. Getting onto a plane, you must have a valid ticket for that specific aircrafts destination. This vetting process establishes a barrier between your network and external information that can be harmful such as viruses and hackers.
There are two main types of firewalls that help categorize the different functions of firewalls. There are software and hardware firewalls. Software firewalls are programs installed into your device that help filter incoming data through ports and applications. Hardware firewalls are physical pieces of equipment stored in between your network and the modem also called a gateway. An example would be a broadband router.
Under these two types of firewalls, there are firewalls that offer different levels of protection. It is not uncommon to see businesses use multiple types of firewalls to optimize their security. Below we will be covering Packet Filtering, Proxy, Stateful Multilayer, Next Generation, Network Address Translation firewalls.
Packet filtering firewalls are the most common and the most simple. Many small businesses use this type of firewall as it covers their basic needs. Packet filtering firewalls examine the incoming datas source and compare it to a set of rules previously set. Based on the analysis of the information, it is either allowed to reach its destination I.P address or it is prohibited from doing so.
There are two main categories for packet filtering firewalls, stateful and stateless. Stateless firewalls examine data independently without context. While stateful filtering uses previously passed information to assess whether information is allowed or not. It is very simple in terms of analyzing the “physical” appearance and not diving deeper into the information it carries.
Packet filtering firewalls are effective but they are very basic. They can only assess if the incoming data meets the set or rules to enter the I.P address destination. They have no way of knowing if the contents of the data contain viruses or delete information.
A unified threat management (UTM) firewall offers a variety of functionalities on top of filtering incoming data. Today, we see that many threats and attacks target different aspects of your network and device. UTM acts in defense by having one single security solution that has many security functions. Some of these many functions include antivirus, anti-spyware, anti-spam, network fire-walling, intrusion detection/prevention, content filtering and leak prevention. Like we have stated before, it is not uncommon to see businesses use more than one firewall for different security measures. However, if you are constantly running into attacks that are targeting more than one function the UTM firewall might be the right one for you.
Stateful multilayer firewalls (SMLI) have all the standard abilities to filter through incoming information. However, instead of analyzing the informational packet as a whole, it analyzes each layer of the packet to see if each layer meets the requirements. If the informational packet is allowed to reach its I.P destination address, this firewall will continue to monitor the communication process in order to make sure that the communication taking place is being done with trusted sources.
Next generation firewalls (NGFW) combine stateful inspection and deep packet inspection (DPI). The key with this particular firewall is that with DPI, the contents of the information packet are also examined. Whereas in a regular packet filtering firewall, the contents are not inspected. By combining stateful inspection with DPI, it allows for NGFW to handle more complex and evolving threats.
Network Address translation (NAT) firewall allows for multiple independent network addresses to connect to the internet using a single IP address. This keeps the individual’s IP address hidden which makes it difficult for hackers to target an individual. NAt firewalls can also assess internet traffic and block unsolicited communications.