Firewall & Its Types In Network Security

What Is a Firewall?

A firewall is a cybersecurity device (hardware or software) used to protect an internal private network from unauthorized access from the internet. A firewall monitors and filters incoming and outgoing network traffic based on a predefined set of security rules, creating a barrier between the internal private network and the public internet. Hackers and malware traffic on the internet try to penetrate the internal network. The firewall blocks this unwanted, harmful traffic and keeps the internal network safe.

Firewall Working

Types of Firewall

Packet Filtering

A packet filtering firewall is the most basic type of firewall. It examines network traffic by filtering incoming packets and prevents them from moving on if they do not meet the configured security rules. A data packet consists of a header and a payload. This firewall examines the header in isolation and has no knowledge of the packet payload. It decides whether a packet is allowed or denied based on the header information, which contains the source and destination IP addresses, port number, protocol, and other information. If a data packet matches all the required firewall rules, the firewall allows the traffic; otherwise it denies the traffic. A packet filtering firewall is effective, but because it processes each packet in isolation and does not examine the payload, it can be vulnerable to IP spoofing attacks.

Proxy Firewall

A proxy acts as a gateway between internal and external systems communicating over the Internet. Proxy firewalls operate at layer 7 of the OSI model and act as an intermediate device that filters incoming traffic between two end systems. That is why these firewalls are called application layer firewalls. A proxy firewall uses a proxy server. Whenever a user sends a request to access a web page, the proxy forwards the message to the web server, pretending to be the user. By doing this it hides the user's identity, IP address, and location. The web server then responds and gives the proxy the requested information, which is passed on to the user. A proxy provides significant privacy and security to the user.

Stateful Inspection Firewall

Stateful inspection includes both packet inspection (header and payload) and TCP three-way handshake verification, making this firewall superior to a packet filtering firewall. Suppose a user sends a request to a web server. When the packet passes through the firewall, the firewall creates a table called the state table, which stores all the header information such as the source and destination IP addresses, port number, protocol, and other information. When the server replies, the firewall allows the reply only if it belongs to a traffic flow previously stored in the state table; otherwise the firewall blocks the server reply.
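
The state-table lookup described above, next to a header-only packet filter, as an added example that is not part of the original article. It covers only flow tracking (no handshake or payload checks); the rule "admit inbound TCP from source port 443", the class and function names, and all addresses are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

def stateless_inbound(pkt: Packet) -> bool:
    """Hypothetical packet-filter rule: admit inbound TCP whose source port is 443.
    Each packet is judged alone, on header fields only."""
    return pkt.proto == "tcp" and pkt.sport == 443

class StatefulFirewall:
    def __init__(self, internal_prefix: str, allowed_dports: set[int]):
        self.internal_prefix = internal_prefix
        self.allowed_dports = allowed_dports
        self.state_table: set[tuple] = set()   # one entry per outbound flow

    def outbound(self, pkt: Packet) -> bool:
        """Internal -> external: check the header rule, then record the flow."""
        if not pkt.src.startswith(self.internal_prefix):
            return False
        if pkt.dport not in self.allowed_dports:
            return False
        self.state_table.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return True

    def inbound(self, pkt: Packet) -> bool:
        """External -> internal: admit only the mirror image of a recorded flow."""
        mirrored = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return mirrored in self.state_table

def compare() -> dict[str, tuple[bool, bool]]:
    """Return {label: (stateless verdict, stateful verdict)} for constructed packets."""
    fw = StatefulFirewall("10.0.0.", {80, 443})
    fw.outbound(Packet("10.0.0.5", 50000, "203.0.113.10", 443))   # user's request
    inbound = {
        "reply to recorded flow": Packet("203.0.113.10", 443, "10.0.0.5", 50000),
        "unsolicited, same server": Packet("203.0.113.10", 443, "10.0.0.5", 50001),
        "unsolicited, other host": Packet("198.51.100.7", 443, "10.0.0.5", 50000),
    }
    return {k: (stateless_inbound(p), fw.inbound(p)) for k, p in inbound.items()}

if __name__ == "__main__":
    for label, verdicts in compare().items():
        print(f"{label:28} stateless={verdicts[0]} stateful={verdicts[1]}")
```

All three inbound packets satisfy the header-only rule, but only the one that mirrors a recorded outbound flow passes the stateful check.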

Next Generation Firewall

The next-generation firewall is the most popular type of firewall in use today. It inspects the entire transaction of a data packet, including the TCP three-way handshake, surface-level inspection, and deep packet inspection. A next-gen firewall is more secure because it comes with anti-virus, anti-malware, VPN, and even encrypted traffic inspection. A next-generation firewall is sometimes also known as Unified Threat Management (UTM). It is an expensive firewall.

7 thoughts on “Firewall & Its Types In Network Security”

  1. Hello my friend! I wish to say that this post is awesome, nicely written and comes with almost all important info. I would like to see more posts like this.
