What is a Network Firewall?
A firewall is an essential piece of computer networking, used to protect information and network resources from both the inside and the outside Internet world.
A network firewall is an appliance (hardware or software) used to protect computing and application resources such as end-user systems, business applications, servers, network devices, etc. It monitors and filters incoming and outgoing network traffic based on a set of security rules defined by a network administrator.
A network firewall can also inspect inbound and outbound network traffic, provide deep packet inspection, packet filtering and URL inspection, and monitor and prevent malicious attacks. In the most common scenario, a firewall is essentially the barrier that sits between a private internal network and the public Internet.
A firewall is a safeguarding layer of the network that prevents unauthorised access. Based on pre-configured rules, it monitors and controls each packet passing through it. Firewalls are categorised into the following types:
- Stateless Firewall
- Stateful Inspection Firewall
- Next-generation Firewall (NGFW)
- Proxy Firewall
- UTM Firewall (Unified threat management)
- WAF – Web Application Firewall
- Cloud Firewall
A network firewall works on parameters such as IP addresses, ports and algorithms, which are used to compile firewall rules or ACLs in order to prevent unauthorised access and protect the network from malicious activities.
⚠️ Note – Firewalls secure traffic at the server and application level. Firewall rules/ACLs can be built IP to IP, or on a specific port and IP address. For example: “Source address 192.168.10.232 is allowed to reach destination 220.127.116.11 over port 443.”
In recent times, hackers have been using different innovative ways to breach the network security of companies, which costs organizations millions of dollars every year. So, most companies keep a dedicated budget to enhance network security, and are buying next-generation firewalls to block modern threats such as advanced malware and application-layer attacks.
Stateless Firewall -:
A stateless firewall is a quite basic firewall that works on IP-based rules. It doesn’t understand complex application traffic patterns and data flows. A stateless firewall permits and blocks traffic flows based on IP address; it does not keep track of the state of network connections.
Stateful Firewall -:
A stateful firewall is an advanced firewall designed to understand modern application behaviour and traffic flow. It provides deep packet inspection that considers the STATE and CONTEXT of the flow, and offers extensive logging capabilities and robust attack prevention. A stateful inspection firewall keeps track of the session of each TCP/UDP/ICMP connection and provides the connection status at each stage.
A stateful inspection firewall looks at the TCP header for SYN, RST, ACK, FIN and other control codes to determine the state of the connection. Stateful firewalls also support higher data encryption, a fast-processing data plane and more processing power in terms of CPU cycles and memory.
1. Stateful firewall filtering occurs at Layer 3 and Layer 4 (OSI model).
2. A stateful firewall monitors traffic streams from end to end.
3. A stateful firewall provides deep packet inspection.
4. A stateful firewall keeps track of each TCP connection.
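To make the stateless/stateful difference concrete, the following added example (not code from the original page) pairs a stateless ACL check holding the rule from the note above with a simplified connection tracker that follows the SYN, ACK, FIN and RST flags. The names `acl_allows` and `StatefulFirewall` are assumptions for illustration, and the tracker ignores timeouts, retransmissions and sequence numbers.

```python
from ipaddress import ip_address, ip_network

# Constructed rule table holding the page's example rule; no match = implicit deny.
RULES = [("192.168.10.232/32", "220.127.116.11/32", 443, "allow")]

def acl_allows(src, dst, dport):
    """Stateless check: first matching rule wins, no memory of earlier packets."""
    for rule_src, rule_dst, rule_port, action in RULES:
        if (ip_address(src) in ip_network(rule_src)
                and ip_address(dst) in ip_network(rule_dst)
                and dport == rule_port):
            return action == "allow"
    return False

class StatefulFirewall:
    """Tracks each TCP connection by 4-tuple and validates flags against its state."""
    def __init__(self):
        self.conns = {}  # (client_ip, client_port, server_ip, server_port) -> state

    def filter(self, src, sport, dst, dport, flags):
        flags = set(flags)
        fwd, rev = (src, sport, dst, dport), (dst, dport, src, sport)
        key = fwd if fwd in self.conns else rev if rev in self.conns else None
        if key is None:
            # Only a bare SYN permitted by the ACL may create a table entry.
            if flags == {"SYN"} and acl_allows(src, dst, dport):
                self.conns[fwd] = "SYN_SENT"
                return "allow"
            return "drop"
        state, side = self.conns[key], "client" if key == fwd else "server"
        if "RST" in flags:                      # a reset tears the entry down
            del self.conns[key]
            return "allow"
        if state == "SYN_SENT":
            ok, nxt = side == "server" and flags == {"SYN", "ACK"}, "SYN_RCVD"
        elif state == "SYN_RCVD":
            ok, nxt = side == "client" and flags == {"ACK"}, "ESTABLISHED"
        elif state == "TIME_WAIT":              # both FINs seen: final ACK only
            del self.conns[key]
            return "allow" if flags == {"ACK"} else "drop"
        else:                                   # ESTABLISHED or one FIN seen
            ok, nxt = "SYN" not in flags, state
            if ok and "FIN" in flags:
                mine = "FIN_" + side
                nxt = mine if state in ("ESTABLISHED", mine) else "TIME_WAIT"
        if ok:
            self.conns[key] = nxt
        return "allow" if ok else "drop"
```

An ACK from 192.168.10.232 to 220.127.116.11 on port 443 with no preceding SYN satisfies `acl_allows`, yet `filter` drops it because no connection entry exists; the same packet is allowed once the three-way handshake has been observed.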
Next Generation Firewall (NGFW) -:
A Next Generation Firewall (NGFW) is a modern network security appliance that is much more powerful and advanced than a stateful firewall. It provides a complete security solution in one box, integrating AMP (Advanced Malware Protection), IPS (intrusion prevention system), intelligent threat protection, advanced URL filtering, monitoring, deep packet inspection and advanced cloud intelligence to stop emerging threats.
In addition, a Next Generation Firewall has the capability to monitor and protect the network from modern threats such as advanced malware and different types of application-layer attacks.
1. NGFW comes with built-in advanced security features.
2. NGFW provides advanced-level security protection.
3. NGFW operates at the Application, Transport and Network layers.
4. NGFW provides advanced URL filtering.
5. NGFW has built-in AMP, IPS and advanced URL filtering features.
Proxy Firewall -:
A proxy firewall is also known as a proxy internet gateway. It acts as an internet gateway that provides IP proxy services for inside users and protects them from the outside world. A proxy firewall hides the real IP addresses of users and prevents direct connections from outside the network. It always translates the real IP address to its own gateway IP address before sending traffic to the Internet or an external network.
A proxy can provide additional functionality such as content caching and URL caching. It scans incoming traffic for Application Layer (Layer 7 OSI) protocols like FTP and HTTP/HTTPS, and also offers URL filtering and deep packet inspection at the gateway level.
Forward Proxy –
A forward proxy acts as a web proxy deployed at the network edge. It provides anonymity to the inside network (LAN) and handles outbound internet requests on behalf of end-user systems. A proxy server does not disclose the originating IP address of the client. Additionally, it disguises a client’s IP address and blocks malicious incoming traffic.
Reverse Proxy –
A reverse proxy server is commonly deployed for load-balancing in order to increase the performance, reliability and availability of services. A typical reverse proxy server handles requests on behalf of servers (a pool of backend servers) and distributes the requests according to rules/policy defined by a network administrator.
The best example of a reverse proxy is an application load-balancer such as F5 LBR, Netscaler, etc. A reverse proxy also performs a few additional responsibilities such as SSL offloading, load-sharing, web acceleration and application security.
UTM Firewall (Unified Threat Management) -:
A UTM Firewall (Unified Threat Management) is a single unified security product that incorporates various security techniques and methods. UTM is a firewall that comes with a complete on-box security solution to ensure round-the-clock protection from malicious threats. It includes packet filtering, VPN services, user-based restriction, data-flow inspection, monitoring, anti-spam, content filtering, URL filtering and anti-virus.
1. A UTM firewall combines multiple security services into one appliance.
2. A UTM firewall protects inbound and outbound traffic from various emerging attacks.
3. A UTM firewall provides VPN, IPS, URL filtering and anti-virus services.
4. A UTM firewall provides control and visibility over the traffic flow and improves QoS and bandwidth management.
5. A UTM firewall provides easy control to manage and deploy multiple internet policies on a single internet connection.
WAF Firewall (Web Application Firewall)-
A WAF (Web Application Firewall) is commonly deployed in front of application servers to protect them from outside cyber attacks such as SQL injection, DDoS attacks, cookie poisoning and other malicious threats. A WAF is a web application (HTTP/HTTPS) firewall that operates at the application layer (Layer 7 of the OSI model).
A WAF also acts like a reverse proxy that protects the server farm from the outside world, aiming to protect against vulnerabilities in the application.
1. WAF is a web application firewall – HTTP/HTTPS based.
2. WAF is a Layer 7 (Application layer) firewall.
3. WAF also acts as a reverse proxy firewall.
4. WAF is intended to protect web-based applications from the outside world.
5. WAF protects web applications from attacks – SQL injection, Cross-Site Scripting (XSS), open security ports.
Cloud Firewall -:
Cloud firewalls are software-based firewalls specially designed and developed for cloud platforms. Virtual firewall appliances are intended to be deployed within a virtual cloud data centre.
Virtual firewalls are used to protect and monitor an organisation’s data and applications on the cloud platform. The virtual firewall software is installed on a virtual server and secures incoming and outgoing traffic. A cloud firewall is also known as a virtual firewall and is easily available in public cloud marketplaces.
Since cloud services are now running, most vendors are working to develop virtual firewalls. Virtual firewalls are fit for cloud platforms and provide full security features like a hardware firewall.
Firewall vendors like Cisco, Juniper, Barracuda, Palo Alto, Zscaler and many more are pioneering names providing virtual security solutions for the public cloud. As a new virtual cloud technology, these virtual firewalls are capable of understanding modern application needs and fit easily within online application environments.