A firewall is a security device that monitors incoming and outgoing traffic in a network. It inspects traffic based on a set of rules that help in distinguishing which traffic to allow and which to block.
To prevent unauthorized access to your network, configuring a set of rules can help block malicious traffic. This can be done by identifying the source and destination address of the information packets. Based on the address, the firewall will decide if the traffic can be allowed or not.
Firewalls monitor all the ports in a network, which are the point of communication between the devices within a network and the devices outside of it. Firewalls can be either hardware or software, although most networks consist of both types. A hardware firewall is usually located in the router and monitors the communication that passes through it. A software firewall is installed as an application on a device to monitor traffic through ports and applications.
First-generation firewalls use a technique wherein the packets of information are given permission to enter or leave the network based on their source and destination IP addresses. This is called packet filtering, leading the first generation of firewalls to be called packet filtering firewalls.
A second-generation firewall, or a gateway firewall, uses a proxy to increase the security services provided. The proxy acts as a middleman between the user on LAN and the internet. Each user communicates by ensuring that all the packets are passed through a proxy service to the destination. The proxy service will process the data and only allow that which it deems safe. The source and destination nodes do not communicate directly, only through the proxy.
While firewalls are efficient, they are also limited in their anti-intrusion capacity and in filtering malicious software that might originate from a trusted source address. This issue can be addressed by a next-generation firewall, or NGFW.
An NGFW is a third-generation firewall that combines intrusion detection and deep packet inspection (DPI) along with traditional firewall capabilities. While packet filtering checks the source and destination IP addresses, DPI checks the information contained inside the packet and works in real time. DPI monitors the information and figures out where the information originated from and which application it came from. In doing this, NGFWs process network traffic and will block potentially dangerous sources.
A regular firewall will work only on the network layer and transport layer (Layer 3 and Layer 4) of the OSI model since it checks the IP address (Layer 3) and the transmission protocol. (Layer 4). This is different from an NGFW, which filters based on the application layer (Layer 7) of the OSI model.
Similar to regular firewalls, NGFWs use packet filtering as well as a VPN to provide a connection that is secure all around.
Manage logs, comply with IT regulations, and mitigate security threats.
Our support technicians will get back to you at the earliest.
Zoho Corporation Pvt. Ltd. All rights reserved.