April 15, 2021
Firewalls are some of the original cybersecurity appliances. They were first used in the early 1990s as a software tool to control incoming traffic to computers, filtering out potential threats in the form of unvalidated data packets (more on data packets later). As cyber threats have evolved and become more targeted and sophisticated, so has the firewall, allowing it to remain a central part of any multi-layered security strategy.
Today’s firewall can be either a physical device, software, or a virtual device in the cloud. It provides a layer of defense between your internal network and incoming traffic from the internet and other external sources. Its purpose is to prevent cybercriminals and viruses from gaining access to your network.
How does a firewall protect your network?
A firewall blocks access to your network by guarding your device’s entry points or ports through data packet filtering or deep packet inspection. Data packets are small units of data that are sent and received when using the internet. A port is a virtual point where information or data packets are exchanged with external sources. Each type of data packet is sent to a different port that is associated with a number, helping computers to easily differentiate between different kinds of traffic. For example, in order to successfully transfer a file via FTP, the file would be sent through port 21, ensuring that the receiving FTP application knows to listen on that specific port, allowing for a successful exchange of information to occur. (For more information on how FTP ports work, check out this blog post by ExaVault.)
In the beginning, firewalls operated at the interface between networks and simply allowed or blocked data packets based on source and destination IP addresses and ports. Over time they grew more sophisticated by looking inside data packets (referred to as deep packet inspection or DPI). Today, you can use either type of firewall (with several variations within these two main types) for varying levels of protection. These two basic types of firewalls are referred to as traditional and next-generation (NGFWs).
The difference between traditional and next-generation firewalls
A traditional firewall looks at the state of a particular connection through data packet filtering. It can look at each data packet and see what type of port is being used, its source and destination, and whether the connection adheres to the pre-established rules and parameters set by that firewall. Typically this type of firewall is deployed along with various other security devices such as an intrusion detection/prevention system (IDS/IPS), a web application firewall (WAF), and a network filter.
NGFWs go beyond data packet filtering and use deep packet inspection (DPI) to look inside the packets to see if they contain malware and then determine what service or application sent them. DPI can also be used to help with the flow of traffic by enabling certain information from pre-identified sources to pass through more quickly, speeding up critical data transfers.
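The two approaches described above, side by side, as an added example (not code from the original post or from any firewall product): a header-only rule table, and a simplified payload check that confirms traffic on an allowed port looks like the protocol expected there. The rule table, addresses, protocol checks and sample packets are constructed for illustration; real DPI engines reassemble whole streams and use far richer signatures.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Packet:  # constructed stand-in for an already-parsed packet
    src: str
    dst: str
    dport: int
    payload: bytes

# Header-only rules, first match wins: (action, source network, destination port).
RULES = [
    ("deny",  "203.0.113.0/24", None),  # block one source range on every port
    ("allow", "0.0.0.0/0",      21),    # FTP
    ("allow", "0.0.0.0/0",      443),   # HTTPS
]

def packet_filter(pkt: Packet) -> str:
    """Traditional filtering: decide from source address and port only."""
    src = ipaddress.ip_address(pkt.src)
    for action, net, port in RULES:
        if src in ipaddress.ip_network(net) and port in (None, pkt.dport):
            return action
    return "deny"  # default deny when no rule matches

# What the first payload bytes on each allowed port are expected to look like.
EXPECTED = {
    21: lambda p: p[:4].upper() in (b"USER", b"PASS", b"RETR", b"STOR", b"QUIT"),
    443: lambda p: len(p) >= 3 and p[0] == 0x16 and p[1] == 0x03,  # TLS handshake
}

def dpi_filter(pkt: Packet) -> str:
    """DPI-style filtering: header rules first, then look inside the payload."""
    if packet_filter(pkt) == "deny":
        return "deny"
    check = EXPECTED.get(pkt.dport)
    return "allow" if check and check(pkt.payload) else "deny"

# Constructed sample traffic (documentation-range addresses).
SAMPLES = [
    Packet("198.51.100.7", "192.0.2.10", 21, b"USER alice\r\n"),
    Packet("198.51.100.7", "192.0.2.10", 443, b"\x16\x03\x01\x00\x05hello"),
    Packet("198.51.100.7", "192.0.2.10", 443, b"GET /x HTTP/1.1\r\n"),  # not TLS
    Packet("203.0.113.9", "192.0.2.10", 443, b"\x16\x03\x01\x00\x05hello"),
    Packet("198.51.100.7", "192.0.2.10", 23, b"login"),  # no rule for port 23
]

def verdicts():
    return [(packet_filter(p), dpi_filter(p)) for p in SAMPLES]
```

The third sample is the one that separates the two designs: its address and port satisfy the header rules, so only the payload check notices that the traffic is not what port 443 should carry.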
Both traditional firewalls and NGFWs can take the form of physical hardware or software that you download onto your device. NGFWs can also be cloud-based. There are many options out there, but we recommend SonicWall to our clients. It provides NGFWs in the form of physical hardware as well as virtual solutions. Lastly, using a firewall in conjunction with a Virtual Private Network can provide even more comprehensive protection.
Have more questions about firewalls and how they can protect your business network? Don’t hesitate to get in touch.
About Pagoda Technologies IT services
Based in Santa Cruz, California, Pagoda Technologies provides trusted IT support to businesses and IT departments throughout Silicon Valley, the San Francisco Bay Area and across the globe. To learn how Pagoda Technologies can help your business, email us at support@pagoda-tech.com to schedule a complimentary IT consultation.