A firewall is a hardware or software solution that monitors and controls network traffic. It acts as a barrier between internal networks (such as home or corporate networks) and external networks (such as the internet). A firewall can block or allow traffic based on predefined security rules.
Originally, firewalls were used as a barrier between the internal private network and the internet to prevent unauthorized access to internal servers and PCs. The main purpose of the firewall was to ensure that the internet did not have free access to internal systems, while also allowing the specification of which ports and protocols should be allowed to pass.
Today, however, firewalls are used to a much greater extent to segment internal networks and services. Microsegmentation is the practice of dividing the internal network into very small segments: services such as databases, file services, and name services are each placed in separate segments or security zones.
The purpose of microsegmentation is to protect internal systems from each other, as internal computers can be their own worst enemies. If one computer is compromised, the compromise is isolated and thus prevented from spreading to other parts of the network.
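The following added example, which is not part of the original page, models microsegmentation as a default-deny allow-list between security zones and lists what a host in a given zone can reach directly. The zone names, subnets, and ports are constructed for illustration.

```python
import ipaddress

# Constructed zones: one small segment per internal service (assumed addressing).
ZONES = {
    "clients":  ipaddress.ip_network("10.0.10.0/24"),
    "database": ipaddress.ip_network("10.0.20.0/28"),
    "files":    ipaddress.ip_network("10.0.30.0/28"),
    "dns":      ipaddress.ip_network("10.0.40.0/28"),
    "app":      ipaddress.ip_network("10.0.50.0/28"),
}

# Allow-list of east-west flows: (source zone, destination zone, protocol, port).
# Any flow not listed here is denied.
ALLOW = {
    ("clients", "app", "tcp", 443),
    ("clients", "files", "tcp", 445),
    ("clients", "dns", "udp", 53),
    ("app", "database", "tcp", 5432),
    ("app", "dns", "udp", 53),
}

def zone_of(addr):
    """Return the zone containing addr, or None for unknown or external hosts."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return None

def decide(src, dst, proto, port):
    """Default-deny decision for one flow between two addresses."""
    src_zone, dst_zone = zone_of(src), zone_of(dst)
    if src_zone is None or dst_zone is None:
        return "deny"  # addresses outside every zone never match an allow rule
    return "allow" if (src_zone, dst_zone, proto, port) in ALLOW else "deny"

def exposure(src_zone):
    """Services a host in src_zone can reach directly if it is compromised."""
    return sorted((d, p, port) for s, d, p, port in ALLOW if s == src_zone)

if __name__ == "__main__":
    # A client cannot talk to the database directly; only the app zone can.
    print(decide("10.0.10.25", "10.0.20.5", "tcp", 5432))
    print(decide("10.0.50.3", "10.0.20.5", "tcp", 5432))
    for zone in ZONES:
        print(zone, "->", exposure(zone))
```

Reviewing the `exposure` output per zone is a quick way to check that no segment can reach more than its function requires.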
We have two types of firewalls: hardware firewalls and software firewalls.
A hardware firewall is a physical device that protects networks by filtering and controlling incoming and outgoing traffic. It acts as a barrier between internal and external networks, such as the internet, and prevents unauthorized and malicious traffic. Hardware firewalls have traditionally been used to protect local networks, and they can contain special chips that accelerate tasks such as encryption and decryption.
This type of firewall is usually placed at the entrance to the network, for example, between a router and the rest of the network. Hardware firewalls have several useful security features such as packet filtering, state monitoring, and inspection of network packets.
Software firewalls are installed directly on individual computers, mobile devices, or servers in the network. They are used to protect against vulnerabilities and unauthorized access. Like hardware firewalls, software firewalls monitor and control incoming and outgoing network traffic based on predefined rules.
Traditionally, firewalls have been implemented as dedicated hardware devices, but today firewalls are often deployed as software, especially in cloud environments and virtualized server environments. The advantage of hardware firewalls is that they can contain specialized chips that accelerate certain tasks, such as encryption. On the other hand, software-based firewalls can be scaled up in performance by running on more powerful servers.
In data centers and cloud services, software firewalls are widely used to control so-called east-west traffic (traffic between servers and services within the data center). Firewalls in such environments can be virtualized to secure communication between different applications and services on the same hardware.
Today’s firewalls for enterprise use are often called Next-Generation Firewalls (NGFW). This term was defined by Gartner Group in the mid-2000s, and today it is almost impossible to find an enterprise firewall that cannot be called Next-Gen. All modern firewalls offer features such as deep packet inspection, application control, IPS (Intrusion Prevention System), and integrated threat intelligence.
Next-Gen firewalls use a wide range of parameters to classify and manage traffic. Examples of such parameters include application type, user identity, client hardware, time, and security risk. Additionally, traffic is inspected inline for threats, sensitive content, and approved or unwanted URLs. Many Next-Gen firewalls can also decrypt traffic to inspect the content.
Furthermore, machine learning and artificial intelligence are used in external cloud services to enhance the firewalls’ ability to detect and block threats in real-time.
Examples of Next-Gen firewalls: Palo Alto Networks NGFW, Fortinet FortiGate, Cisco Firepower, Check Point NGFW. Palo Alto Networks was the first to introduce its NGFW in 2008.
Through our partner Palo Alto Networks, Sicra offers Next-Gen firewalls. We have specialists in this solution, and we provide customized solutions that are suitable for both small and large businesses.
Related words: NGFW, IPS, Microsegmentation, Deep Packet Inspection (DPI), Application control, VPN, Threat intelligence, Encryption, Decryption, Artificial intelligence (AI), Machine learning