How do Firewalls Work to Ensure Network Security?

How do Firewalls Work to Ensure Network Security?

What is a Firewall?

As the name suggests, it is a wall to protect your system from threats on the ‘Internet’. A Firewall works similar to a Police barricade that is aimed at inspecting the vehicles passing from the area. The purpose of the barricade is to inspect if there is an unauthorized vehicle passing by.

Similarly, the Firewall works as a barrier between your system or the private network and the Internet. A Firewall helps filter the malicious and unauthorized content to keep your system secure. The data sent from or received by a Firewall protected system over the internet passes through it. The Firewall inspects those data packets to check if they are potentially harmful to the system or if they are from an unauthorized source.

Different types of firewalls employ different techniques to protect users from multiple cyber threats.

Types of Firewall

There are several different types of firewalls available. Each one of these firewalls has its own technique to offer protection and its own pros and cons. Not all types of firewalls are identically secure.

Types of Firewall:

  • Circuit Level Gateway
  • Application Level Gateway
  • Stateful Inspection Firewall
  • Next-Gen Firewall

Let’s look at each one of them in detail:

1. Packet Filtering Firewall:

Packet filtering is the most basic form of firewalls used. Data-packets* that carry the information also carry the specifics like SA (Sender’s address), DA (Delivery address), Port number, and protocols.

Packet Filtering firewall works on the set of rules defined by the user also known as ACL (Access Control List). It filters the data either by allowing or disallowing the data packet based on these rules. Packet Filtering firewall comes preinstalled in most internet routers available in the market.

This type of Firewall is also known as a stateless firewall.

Packet Filtering Firewalls
Source: lanner-america.com

Benefits of Using a Packet Filtering Firewall are:

  • The Packet Filtering Firewall filters the data based on SA, DA, Port number, and Protocols. Therefore, it requires less of the system’s resources.
  • Because it uses less of the system’s resources, it promotes speedy transmission through the firewall.

Disadvantages of using a Packet Filtering firewall:

  • The Packet filtering firewall only filters the data based on the SA, DA, Port numbers, and Protocols. But it doesn’t examine the data itself which makes it less secure.
  • To define the rules for filtering the data, the person must be familiar with various TCP/IP protocols. It makes it difficult to configure.

Also Read: Protect Your PC With The Best Free Firewall Software

2. Stateful Inspection Firewall:

Stateful Inspection Firewall can be considered as another variant of Packet Filtering firewall. Because it also filters the data on the basis of static information such as SA and DA.

Difference between Packet filtering firewall (Stateless Firewall) and Stateful inspection firewall is that a Stateful inspection firewall doesn’t filter the data just based on ACPs. It also takes the context in which data is being sent or received into consideration. Stateful Inspection Firewall, unlike stateless, doesn’t filter data based on individual packets in isolation.

Stateful Inspection Firewall
Source: lanner-america.com

Benefits of using Stateful Inspection Firewall:

  • Because it keeps the context of data being transferred into view, it provides better protection from threats that can’t be eliminated by filtering individual packets.
  • Similar to the Packet filtering firewall, it also filters the content on the basis of static information of data packets. Hence, it also promotes speedy transmission.

Disadvantages of using a Stateful Inspection firewall:

  • Similar to the Packet Filtering firewall, the person must be familiar with different TCP/IP protocols to configure the firewall which makes it difficult to configure.
  • Because the Stateful Inspection firewall also doesn’t filter the data packets based on their contents, they are prone to Application-level attacks.

3. Application Level Gateway:

The firewalls which we have discussed so far only filter the data based on Layer 1 to Layer 4 inspection. Application level gateway, on the other hand, employs up to Level 5 and Level 7 inspection to identify malicious sources or data.

In other words, Application Level gateway also checks the data that is being transferred with the packet. It also aids in masking the IP address of the client which offers network security from DoS and DDoS attacks. Application Level Gateway is also known as Proxy Firewall.

Advantages of using Application Level Gateway:

  • It offers protection from Application level attacks to ensure network security.
  • Because the Application Level gateway authenticates individuals and not devices, it helps prevent the majority of spoofing attacks.

Disadvantages of using Application Level Gateway

  • Because Application Gateway Firewalls process every data packet that passes through them, they require a lot of CPU cycles and memory. It sometimes creates throughput problems.

4. Circuit Level Gateway:

Circuit Level Gateway, as the name suggests, keeps a check on the circuit sending the data packets to your network. It works by inspecting the validity of TCP handshaking on the basis of static information such as SA, DA, Ports, protocols, and user trying to send data packets, and the password.

In other words, instead of inspecting the data being transferred, it inspects the connection trying to do so. Once the firewall approves a connection, no further checks are performed.

It works similar to the Application Level Gateway in masking the IP address of the client.

Advantages of using a Circuit Level Gateway:

  • It is easy on the system resources resulting in speedy throughput.
  • Because it masks the IP address of the client, it offers protection from most spoofing attacks.

Disadvantages of Circuit Level Gateway:

  • Because circuit level gateway works by inspecting only the connection, it lacks content filtering.

5. Next Generation Firewall:

As the name suggests, the Next Generation Firewall is more advanced than the traditional firewall. Next Generation firewalls employ both Stateful and Stateless packet filtering. These firewalls have an enhanced capability of filtering the packets based on the application. They utilize signature matching to identify potentially malicious applications.

Next Generation Firewall
Source: firewall.firm.in

Advantages of using Next Generation Firewalls:

  • Next Generation Firewalls are very efficient in battling and blocking malware.
  • These firewalls use different technologies to provide network security from a wide range of potential intrusions.

Disadvantages of using Next Generation Firewalls:

  • The Next Gen Firewall doesn’t inspect the returning traffic if the traffic outbound has already been inspected.
  • Next Gen Firewalls require relatively larger data to determine the validity or invalidity of application.

These were the different types of Firewalls available in the market. More bifurcations can be made on the basis of hardware firewalls and software firewalls as well. But on the basis of functionality, these are the types of firewalls one can choose from. There are different combinations of firewalls used by the clients for enhanced network security. Such as the Hybrid Firewall where two different types of firewalls are put in line to provide improved protection.

How to Choose from different types of Firewalls?

From the different variants, on the very first instance, Next Gen Firewalls seems to be the best pick among all. But it is partially true. Different organizations or individuals have different demands. Hence, the need different solutions. For some people, a simple check that only allows certain users to access the data may be enough. But for others, they may require all kinds of firewalls at once because of the kind of data they have on their personal network or system.

While it is not possible to suggest a type of firewall while being unaware of one’s needs. But here is a list of question that one may ask when deciding for a firewall type:

1. Why do we need a firewall? (The technical reason that has influenced us to go for one.)

2. What type of inspection will provide you the required safety?

3. Should you go for a Hardware solution or a software suits your needs?

4. Should you look for one solution or a combination of different firewalls will help you?

Answers to these questions, with the knowledge of types of Firewalls available in the market, one can easily determine the kind of firewall that meets the need. We hope we were able to clarify the need for a firewall, different types available, and their functions.

Recommended Readings:

Why Should Or Shouldn’t You Disable Windows Firewall?

Why Cyber Security Is Important?

Alarming Cyber Security Facts and Stats – Infographic

Quick Reaction:

One reply on “How do Firewalls Work to Ensure Network Security?”

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe & be the first to know!

Signup for your newsletter and never miss out on any tech update.