An explanation of firewall types and uses
In this video, Informa TechTarget managing editor Kate Murray explains the different kinds of firewalls and how they are used to combat cyberthreats.
Firewalls stop threats at the perimeter.
The term firewall was first used in construction, referring to a brick wall designed to stop fire from spreading in a building. In computer networking, a firewall works similarly: It stops external threats from entering a network.
Firewalls can be physical hardware, software, software as a service or even virtual private clouds. Considered an essential component of network security, they are used in both personal and enterprise settings.
Here, we'll cover the basics of firewalls and how they work.
A firewall is placed somewhere along a network connection, most commonly between an internal and external network -- like the internet.
As external data tries to enter an internal network, the firewall inspects its packet information, including its source and destination address. It compares it against a set of preconfigured rules to determine if it's benign or malicious traffic.
If the data abides by the rule set, it can pass through the firewall and enter the internal network. If it doesn't, the data packet is blocked from entering.
Some common applications of firewalls include the following:
- Access control, like a school network blocking social media sites for students or an enterprise network blocking objectionable websites that aren't suitable for work.
- Threat defense, which blocks malware attacks or hacking attempts from the outside.
- Logging and auditing, meaning keeping a record of network events that administrators can use to improve rules.
- Secure remote access, which grants secure remote access to a network, such as through a VPN.
Firewalls aren't just for blocking outside traffic. They can also be used to isolate a demilitarized zone to allow client communication without letting them into the internal network, or within an internal network to separate sensitive data.
There are different firewalls for different jobs. The most basic type of firewall is a packet-filtering firewall, as previously described. They only look at the packet information and don't consider context.
Other types of firewalls, in increasing levels of context, include the following:
- Stateful inspection firewalls.
- Circuit-level gateway firewalls.
- Proxy firewalls.
- Next-generation firewalls.
- Threat-focused next-generation firewalls.
- Virtual firewalls.
- Cloud-native firewalls.
Firewalls are usually paired with other security components, such as intrusion detection systems and intrusion prevention systems, because firewalls are still vulnerable to high-level attacks. For example, packet-filtering firewalls don't use deep packet inspection, so they can't see the contents of the packet -- just the packet header information -- and might let in unwanted traffic.
While firewalls are generally used to prevent cyberattacks, they can also be used unethically.
For instance, consider the Great Firewall of China. The Chinese government uses this firewall to restrict access to politically or socially sensitive content, monitor online activity, and collect personal information, which can impede individual freedoms.
Some companies have also come under scrutiny for using firewalls to restrict employee access to legitimate websites or to keep tabs on their online activities.
As the networking and cybersecurity landscape becomes increasingly complex, experts warn that firewalls might become less effective, and some even predict a departure from the client-server model altogether.
What are your thoughts on the future of firewalls? Will they face obscurity any time soon? Share your thoughts in the comments, and remember to like and subscribe, too.
Sabrina Polin is a senior managing editor of video content for the Learning Content team. She plans and develops video content for Informa TechTarget's editorial YouTube channel, Eye on Tech. Previously, Sabrina was a reporter for the Products Content team.