Imagine a wall of fire. Nothing can survive passing through the roaring flames unless it is appropriately protected against the incredible heat. A wall of fire is an effective defense tool — though it isn’t exactly practical in the real world.
In the digital world, firewalls work just like a real wall of fire: They keep out anything that isn’t expressly allowed to pass through. A firewall is an essential component of any digital security strategy, but there are different types of firewalls for you to choose from. Here is a quick guide to different firewalls, so you can make the right choice for your digital defenses.
The packet-filtering firewall is the most basic type of firewall, and accordingly, it was the very first firewall to be developed. American tech companies Cisco Systems and Digital Equipment Corporation devised packet-filtering firewalls to better protect company data as it was transferred between offices. Around this time, the first major malicious programs were being spread around the world, so many corporations were experimenting with new security solutions to protect their important digital systems.
In networking, a packet is a bundle of data; often, it is not an entire message, but rather a small segment that is more easily shipped from one destination to another. Just as you would not be able to pass through a wall of fire without certain precautions, a packet cannot move past a packet-filtering firewall unless it meets specific security rules.
Packet-filtering firewalls inspect surface-level data on each packet — information like the source and destination, port number and protocol — before determining whether the packet can proceed onto the network or not. There are two types of packet-filtering firewall: stateful and stateless. Stateless firewalls inspect each packet individually, while stateful firewalls recognize packets they have inspected previously.
The benefit of packet-filtering firewalls is that they use minimal resources, meaning there is virtually no drain on system performance. However, because these firewalls do not open packets to inspect their contents, it is relatively easy for cyberattackers to sneak malicious code past these firewalls.
The most popular firewall from antivirus protection you will find today is the next-generation firewall, sometimes abbreviated to NGFW. These firewalls build upon all other firewall types, aggregating useful features like intrusion prevention, anti-malware, encrypted traffic inspection and more, while improving storage space, processing speed and memory.
Unlike packet-filtering firewalls, NGFWs can open up packets in a process called deep packet inspection, which allows them to identify and block malicious data before it can invade a network. What’s more, these firewalls can provide extensive application control, so users can distinguish between safe and dangerous applications and thwart malware.
There’s just one problem: There isn’t much consensus on what constitutes a NGFW. Thus, you might find products claiming to be NGFWs that lack many or most of the above features. You should never trust a NGFW label without investigating what the firewall provider means by “next-gen.”
Proxy firewalls monitor traffic at the application layer, which is why they are often also called application-level firewalls. They situate themselves between networks, on the cloud or a proxy device, to perform stateful surface-level inspections and deep inspections of data. Thus, traffic does not connect directly between two networks; the proxy firewall is like an additional destination — a customs territory where data is examined for security before it can travel to its final destination.
Unfortunately, the need for data to stop at a proxy firewall inserts extra steps into the process of sending and receiving data over the network, and applications can be slower as a result. There are ways to speed up proxy firewalls, but if you need your web applications to run lightning-quick, you might consider another firewall option.
An acronym meaning network address translation, NAT firewalls help maintain the security of individual, private devices. Instead of labeling packets with the true IP addresses of the devices within their network, NAT firewalls assign a public address to the entire group. Thus, when cybercriminals are scanning data for specific details about a network or devices, they are not able to determine much of use.
Similar to the application-level firewall, a web application firewall, or WAF, stand between websites or web apps and users, monitoring and filtering data that comes from either direction. WAFs can live on networks, on website host devices, or within the cloud, and typically, they help protect a number of websites, not just one.
A firewall shouldn’t be your only line of defense against attack, but it is a relatively important one. Just as you want homeowners’ insurance to keep your house safe, you need some type of firewall to protect your network and devices.