What is a Firewall?
We all love our data, right?
We don't want our data destroyed or stolen, we want it protected.
So, how does a firewall protect our data?
Think of a firewall like a security guard at a business. Every day the security guard will check badges of employees entering and leaving. If they don't have a badge, they aren't allowed access into the building.
The security guard is inspecting the people and if they don't have the certain requirement they aren't allowed entry into the secure facility.
This is what a firewall does for our network, it inspects the packets (data) being sent across our network, trying to enter and leave. If it doesn't meet the requirements that are set by the firewall, it isn't allowed to leave or enter our network.
Types of Firewalls
1. Software Firewalls
This is the most common type of firewall. Software firewalls are located directly on the computer you are using. They come in many different flavors: Norton, McAfee, Kaspersky, etc. They all similarly do they same thing though.
You can filter incoming and outgoing traffic, and set rules for different applications. Even if you have other firewalls in place, you should always have a firewall setup on your computer.
2. Packet-Filtering
Packet-Filtering Firewalls operate at the OSI network layer (layer 3). These filter packets based on where they are going and where they are coming from. The filtering is based on rules that are set for IP addresses, ports, and protocols.
Recommended by LinkedIn
At this layer, communication is based upon Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).
3. Application Firewall / Web-Application Firewall (WAF)
Application Firewalls operate at the OSI application layer (layer 7). These are not application (software) firewalls, these filter traffic based on the protocols used for applications (software).
For instance you want to use your email. To send and receive email, you need various protocols open: SMTP (25 & 587), IMAP (143 & 993), and POP3 (110 & 995). These protocols would need to be configured properly for you to send and receive emails.
4. Hardware Firewalls
Hardware Firewalls are a physical piece of hardware that connects to your network. These are great for larger businesses, don't consume resources like software firewalls, and offer a high level of security.
For a large network, these would used in conjunction with a software firewall, for a layered defense. These may be overkill for individual or smaller networks due to their cost and complexity.
5. Next-Generation Firewalls (NGFs)
You want a swiss army knife? Something advanced that is able to handle and do a lot? Enter the Next-Generation Firewall (NGF), these are sophisticated and provide a lot of protection. They provide functionalities such as deep packet inspection (DPI), TLS/SSL encrypted traffic inspection, intrusion prevention systems (IPS), and website filtering.
These still provide functions of a regular firewall, but add in all the benefits listed above. They can also detect and block advanced malware, and address modern security threats while maintaining high performance and low latency.
Final Thoughts
When thinking about security and protecting your data, you should always think in a layered approach. You don't want a single point of failure in your network, you always want redundancies and layers. To protect from vulnerabilities always make sure to patch and update your firewalls, while also performing regular audits of your firewall rules.
You don't need the most expensive or the newest fancy firewall on the market, you just need to have it configured properly. You need to understand your network architecture, evaluate potential threats, and choose the firewall or multiples, that mitigate those threats.