Firewalls are typically inserted inline across a network connection, overlooking the traffic passing through that point. Firewalls are meant to communicate about which network protocol traffic is passive, and which packets are actively involved in the event of an attack.
Firewalls also monitor traffic by virtue of pre-established rules designed to filter through malicious content. No security product has the capability of accurate intent prediction of all content, however, advancements in security technology facilitate the application of known patterns in network data that have been used to signal previous attacks in other enterprises.
Firewalls apply rules that define criteria under given packets in a transaction that can be safely routed forward to the intended recipient.
Listed below are the five types of firewalls that continue to play important roles in enterprise environments today.
1. Packet filtering firewall
These operate at junction points where devices like routers and switches execute their functionality. These firewalls compare each packet that is received to a set of established criteria such as allowed IP addresses, packet types, port numbers, and other aspects of packet protocol headers. Packets flagged as troublesome are not forwarded and thereby cease to exist.
2. Circuit level gateway
Quick identification of malicious content is done by circuit-level gateways that monitor TCP handshakes & network protocol session initiation messages across the network, established between local and remote hosts to determine the legitimacy of the initiated sessions and thereby determine whether the remote system can be trusted.
3. Application-level gateway
This device functions as the only entry point and exit point to and from the network. It is technically a proxy and sometimes referred to as a proxy firewall. Application-level gateways filter packets not only according to the intended service, as specified by the destination port, but also by characteristics such as HTTP request string.
4. Stateful inspection firewall
State-aware devices keep track of whether or not each packet that is examined is part of an established TCP or other network sessions. This offers more security than either packet filtering or circuit monitoring alone, exacting a greater toll on network performance.
Another variant of stateful inspection is the multilayer inspection firewall, considering the flow of transactions in process across multiple protocol layers of the seven-layer OSI (Open Systems Interconnection) model.
5. Next-generation firewall
An NGFW combines stateful and packet inspection, including some deep packet inspection (DPI) varieties in addition to network security systems such as IDS/IPS, antivirus, and malware filtration too.
Packet inspection in traditional firewalls looks exclusively at the packet’s protocol header, while DPI looks at the actual data carried by the packet. DPI firewalls track the progress of web browsing sessions and can notice if a packet payload, assembled with other packets in an HTTP server reply, constitutes legitimate HTML-formatted responses.
For Fortinet firewall solutions in Dubai, get in touch with Supercad – among the leading Fortinet firewall partners in UAE, Supercad is sure to have all the solutions for your requirements.