May 24, 2021

What is a firewall? Types of firewalls and why you need one

There’s only so much you can do when it comes to securing your information on your network. Whether it is restricting physical access to your computers and networking devices, assigning a complicated password to your Wifi or using other methods of authentication to log in to your devices (Two-factor authentication, fingerprint lock, one time passwords, etc), unwanted visitors will have it easy when they decide they want to access your information using any of the most common methods (Phishing, key logging, Malwares, to mention a few) unless you have extra layers of security.

Technology is always evolving, and with that, new methods of accessing unsecured networks keep arising. On the other hand, Firewall technologies are also in continuous development providing updated mechanisms to defend against all types of network attacks.

By definition, a firewall is:

A network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.

Firewalls have been a first line of defense in network security for over 25 years. They establish a barrier between secured and controlled internal networks that can be trusted and untrusted outside networks, such as the Internet.

A firewall can be hardware, software, or both.  (Definition by Cisco)

That being said, what does it do? how does it work?

Either if it’s a physical device or a program installed in your computer, a firewall works to isolate your computer from the internet while inspecting the data that goes from your computer to the internet and likewise, from the internet to your computer.

The incoming traffic is analyzed and filtered based on preset rules or rules created by a user, permitting the traffic to pass or blocking it if it doesn’t meet the required conditions.

what is a firewall, types of firewall, why you need a firewall

Users can filter traffic by its type, source, destination, and for more experienced people, it can also be filtered by IP or MAC addresses, port numbers or services.

We can classify firewalls in a few different ways and some vendors may have different technologies so it is important to know the differences between them when you are debating about which one is the best for your needs.

Stateful firewall or stateless firewall?

The oldest and simplest distinction between firewalls is whether it is stateless or stateful. The main difference between those is that Stateless firewalls cannot see packets as a part of a larger traffic and will inspect them in isolation. This can make them susceptible to attacks that are not hidden within individual packets but spread across many of them.

In networking, a packet is a small segment of a larger message. Data sent over computer networks, such as the Internet, is divided into packets. These packets are then recombined by the computer or device that receives them. (Definition by Cloudflare)

Stateful firewalls in the other hand, are a more advanced and modern extension of stateless packet filtering firewalls, in the sense that they can continuously monitor the state of the network and the active connections it has.

Traditional types of firewalls (stateful or stateless) are designed to filter traffic based upon predefined rules.

what is a firewall, types of firewall, why you need a firewall

A next-generation firewall (NGFW) includes all of this functionality but also incorporates additional security features. A NGFW adds additional security solutions such as application control, an intrusion prevention system (IPS), and the ability to inspect suspicious content in a sandboxed environment. This enables it to more effectively identify and block incoming attacks before they reach an organization’s internal network. (Definition by Checkpoint)

A firewall enhances your network’s security and it’s definitely a must as your first line of defense to keep your network & personal information secure.

Article written by Giuseff Rivas.