Firewall Security Management
20 TOP MOST PROBLEMS IN FIREWALLS WHICH IMPACT BUSINESS More »
Firewall Security Management
Firewall Hardening Checklist More »
Firewall Security Monitoring
Giving You a Proactive Approach to Your Cyber security with Security Monitoring More »
Best TOP Enterprise Network Firewalls
List of Top Firewall Providers Company / Companies in India More »
Tag Archives: Types of firewalls
Firewall
Firewall
Firewall
What is Firewall?
A firewall is a network security device located between your internal network and the wider Internet. A firewall monitors incoming and outgoing network traffic – blocking or allowing it based on a set of configurable rules.
Firewalls are a fundamental piece of security and typically form the first line of defence on a network. Acting as a filter against bad connections from the outside world.
A firewall works by comparing the data sent into or out of the network against a list of rules. Based on the results of the rule checking, the firewall will then either block or allow the connection.
How does a firewall work?
Firewalls work by inspecting data packets (small chunks of data) against an internal list of rules. Here are some of the more common ones:
- IP addresses – filter out traffic from suspicious IPs
- Domain names – block traffic from known malicious domains
- Ports – deny traffic trying to enter through a certain port
- Contents – block data packets containing certain keywords
A firewall scans the contents of the packet and then determines whether to let it through based on the rules in place. On a typical network setup, all connections to the Internet flow through the firewall. Meaning it inspects all inbound or outgoing packets.
How does firewall inspection work?
The process of inspection involves comparing a packet’s contents against the firewall’s set of rules. Depending on if the rule is setup as a blacklist or whitelist, it will react differently to a match.
- A blacklist rule will block any packets which match the criteria.
- A whitelist rule will block any packets which don’t match the criteria.
A firewall’s rules are highly configurable. Meaning you can make the packet inspection process unique to your security setup. Here are some examples of how you could use custom firewall rules:
- Creating a whitelist for your own company IP. Preventing any outsiders from accessing what’s behind the firewall.
- Making a blacklist for the IP of a known malicious file server. Stopping it from distributing malware onto your network.
- Creating a whitelist for certain domain extensions (.com, .co.uk .edu e.t.c.) on outgoing traffic. Blocking staff from accessing potentially dangerous sites.
Why are firewalls important?
Firewalls are often compared to a lock on the door to your network. But it might be more accurate to say that a firewall is the door.
Without a firewall in place, any connection can flow freely in or out of your network. Including connections from known malicious sources. This means you could experience unauthorised access to networked files. Leading to a data breach, malware infection or worse.
You need a firewall to filter out the bulk of malicious connections. And there’s a lot of malicious connections. One study found that within 52 seconds of being online, servers were being probed by hackers. With an average rate of 757 connection attempts per hour.
Are firewalls hardware or software?
Firewalls can be either a hardware appliance or a piece of software which runs on a machine. So, the answer is both.
Not helpful, I know.
But the main difference between the two is this:
- Software firewalls tend to protect the individual machine it’s installed upon, typically a laptop or PC
- Hardware firewalls usually protect many machines or an entire network.
What types of firewall are there?
Circuit-level
Circuit level firewalls are a type of firewall that monitors transmission control protocol (TCP) handshaking. It ensures that the communication between packets is legitimate and not malicious.
Stateful inspection
A firewall with stateful inspection considers the state of current connections when filtering packets. This means that the firewall can block the packet in one case but allowed in another. Depending on the current state of the connection.
Unified threat management (UTM)
Whilst technically not a type of firewall, UTM is instead an advanced security appliance which combines the security functions of many different security appliances. One of these being a firewall. We have an article explaining everything you need to know about UTM if you wish to learn more.
What is a next-generation firewall?
A next-generation firewall (NGFW) contains all the normal defences that a traditional firewall has and more. The most common additions are intrusion prevention software and application control. But certain vendors have other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.
Intrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place.
Application control software sets up a hard filter for programs that can send or receive data over the Internet. This can either be done by blacklist (blocks any programs in the filter) or by whitelist (blocks any programs not in the filter).
What is deep packet inspection?
Deep Packet Inspection (DPI) is a type of packet inspection which analyses the full contents of a data packet. Instead of only information in a packet’s header (where it is coming from and going to).
This enables DPI to filter out malicious packets, such as viruses and trojans, with better accuracy. As rather than only looking at the sender and destination, the packet’s contents can be used in filters as well.
This allows DPI to uncover a broader range of security threats because it will discover packets with a malicious payload but an innocuous header.
Where did the name firewall come from?
A final piece of trivia: the name firewall originated from the real-world application of fire partitions used in buildings. These would be walls that were implemented into a building to act as a barrier to stop fire spreading from one room to another.
The similarity between a fire spreading through a building and a computer virus spreading through a network prompted the same name to be adopted for the network device.
List of Firewall appliances Company in India
List of Firewall appliances Company in India
List of Firewall appliances Company in India
In general, a computer appliance is a computing device with a specific function and limited configuration ability, and a software appliance is a set of computer programs that might be combined with just enough operating system (JeOS) for it to run optimally on industry standard computer hardware or in a virtual machine.
A firewall appliance is a combination of a firewall software and an operating system that is purposely built to run a firewall system on a dedicated hardware or virtual machine. These include:
- embedded firewalls: very limited-capability programs running on a low-power CPU system,
- software-based firewall appliances: a system that can be run in independent hardware or in a virtualised environment as a virtual appliance
- hardware-based firewall appliances: a firewall appliance that runs on a hardware specifically built to install as a network device, providing enough network interfaces and CPU to serve a wide range of purposes. From protecting a small network (a few network ports and few megabits per second throughput) to protecting an enterprise-level network (tens of network ports and gigabits per second throughput).
The following table Lists of TOP Firewall Companies in India, different Hardware / Software firewall appliances lists.
List of TOP Firewall Companies in India
| Firewall | License | Cost | OS |
|---|---|---|---|
Check Point |
Proprietary | Included on Check Point security gateways |
Proprietary operating system Check Point IPSO and Gaia (Linux-based) |
FortiGate |
Proprietary | Included on all Fortigate devices |
Proprietary, FortiOS |
Palo Alto Networks |
Proprietary | Included on Palo Alto Networks firewalls |
Proprietary operating system PANOS |
WatchGuard |
Proprietary | Included on all WatchGuard firewalls |
Proprietary operating system |
Sophos |
Proprietary | Included on Sophos UTM | Linux-based appliance |
Cisco Asa Firepower |
Proprietary | Included on all CISCO ASA devices |
Proprietary operating system |
|
Cisco PIX |
Proprietary | Included on all CISCO PIX devices |
Proprietary operating system |
Forcepoint |
Proprietary | Included on Intel Security Appliance | Linux-based appliance |
Juniper SSG |
Proprietary | Included on Netscreen security gateways |
Proprietary operating system ScreenOS |
|
Juniper SRX |
Proprietary | Included on SRX security gateways |
Proprietary operating system Junos |
Sonicwall |
Proprietary | Included on Dell appliance | Proprietary operating system SonicOs |
Barracuda Firewall |
Proprietary | Included Firewall Next Generation appliance | Windows-based appliance embedded firewall distribution |
Cyberoam |
Proprietary | Included Firewall Sophos appliance | Windows-based appliance embedded firewall distribution |
| D-Link | Proprietary | Included Firewall DFL | Windows-based appliance embedded firewall distribution |
| Endian Firewall | Proprietary | Free / Paid | Linux-based appliance |
| Opendium Iceni | Proprietary | Free / Paid | Linux-based, with optional web filtering / auditing. |
| IPCop | GPL | Free / Paid | Linux-based appliance firewall distribution |
|
pfSense |
ESF/BSD | Free / Paid | FreeBSD-based appliance firewall distribution |
| IPFire | GPL | Free / Paid | Linux/NanoBSD-based appliance firewall distribution |
| Untangle | GPL | Free / Paid | Linux/NanoBSD-based appliance firewall distribution |
| Zeroshell | GPL | Free / Paid | Linux/NanoBSD-based appliance firewall distribution |
| SmoothWall | GPL | Free / Paid | Linux-based appliance embedded firewall distribution |
| WinGate | GPL | Free / Paid | Windows-based appliance embedded firewall distribution |
| Calyptix Security | BSD | Free | OpenBSD-based appliance firewall distribution |
| Halon Security | BSD | Free | OpenBSD-based appliance |
| Vantronix | BSD | Free | OpenBSD-based appliance |
