What is the importance of a firewall in a business network?
Every company or organization that connects to the Internet should always have a dedicated firewall device or appliance. Data is too important to lose and too critical to be careless with.
What is a network firewall?
The intention behind network firewalls is that they filter internet transmissions so that only traffic that belongs is allowed into an organization. Decisions are based on pre-set rules or policies. Like many areas of technology, firewalls have evolved greatly over time and are more sophisticated in terms of efficacy as well as flexibility of deployment. For example, they have developed the ability to be deployed in completely virtual environments to protect data transferred to and from the cloud or to protect remote branches. “Firewalls have also greatly improved their ability to integrate threat defense and intelligence to protect against a range of threats including botnets, command and control servers, advanced persistent threats (APTs) and zero-day threats,” said Mihir Maniar, vice president of Security Business and Strategy at Juniper Networks.
Types of network firewalls
IP communications are still based on a variety of factors, such as source and destination IP addresses, protocols, ports and URLs, so packet filtering remains at the core of firewall defense and is the best first line of defense for an organization’s network.
Essentially, a network firewall analyzes traffic to determine whether packets can enter an internal network based on source, destination, ports and protocols. Initially, this was done with static filtering that inspected only packet headers. Soon, hackers figured out that all they had to do was change the packet header information to something expected and their illicit traffic would pass. In response, stateful or dynamic packet inspection was created. It looks at incoming and outgoing packets over a period of time: each outgoing packet sets up an expectation of a specific type of incoming packet, incoming packets are monitored, and only the ones with the right correspondence are allowed to pass. Some types of firewall protection can also provide unified threat management (UTM) functions for outgoing traffic, such as secure web gateways to prevent command and control (C&C) traffic.
The main types of firewalls are:
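The difference between header-only filtering and stateful inspection described above can be seen by running both over the same packets. The following is an added example, not code from the original article; the packet model, the addresses (documentation ranges) and the single "source port 53" rule are assumptions made for illustration.

```python
from collections import namedtuple

# Constructed packet model: addresses and ports are made-up sample values.
Packet = namedtuple("Packet", "src sport dst dport proto direction")

INSIDE_HOST = "10.0.0.5"      # assumed internal client
DNS_SERVER = "198.51.100.53"  # documentation-range address

def static_filter(pkt):
    """Header-only rule: allow inbound UDP whose source port is 53
    (it looks like a DNS reply). Outbound traffic is always allowed."""
    if pkt.direction == "out":
        return True
    return pkt.proto == "udp" and pkt.sport == 53

class StatefulFilter:
    """Allow an inbound packet only if it mirrors a flow an inside host opened."""
    def __init__(self):
        self.flows = set()

    def check(self, pkt):
        if pkt.direction == "out":
            # Record the reply we expect: same protocol, endpoints swapped.
            self.flows.add((pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport))
            return True
        return (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport) in self.flows

def evaluate(packets):
    """Return (static verdicts, stateful verdicts) for a packet sequence."""
    fw = StatefulFilter()
    return [static_filter(p) for p in packets], [fw.check(p) for p in packets]

# Constructed traffic: one real DNS query and its reply, then an unsolicited
# packet whose header merely claims source port 53.
SAMPLE = [
    Packet(INSIDE_HOST, 40000, DNS_SERVER, 53, "udp", "out"),
    Packet(DNS_SERVER, 53, INSIDE_HOST, 40000, "udp", "in"),
    Packet("203.0.113.9", 53, INSIDE_HOST, 3389, "udp", "in"),
]

if __name__ == "__main__":
    static, stateful = evaluate(SAMPLE)
    for pkt, s, t in zip(SAMPLE, static, stateful):
        print(f"{pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport} static={s} stateful={t}")
```

The static rule passes all three packets because it trusts the header alone, while the stateful filter drops the third because no inside host opened a matching flow.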
Packet filtering firewalls: An early type of firewall security that relied on packet characteristics like source and destination IP address, port and protocol of individual packets to determine if the packet should be allowed through or dropped.
Stateful inspection firewalls: This form of firewall protection added the capability to look at packets that belong to one complete session. Once a session is established, the source and destination are allowed to communicate without the need to look at subsequent packets in that session.
Application layer firewalls: These network security firewalls examine packet-level information and application-layer information such as the URL of the HTTP request.
Next-generation firewalls: The latest firewall technology adds so many capabilities that it merits its own section below.
Gartner defines a next-generation firewall (NGFW) as a deep-packet inspection tool that moves beyond port/protocol inspection and blocking to add application-level inspection, intrusion prevention and intelligence from outside the firewall. This is not to be confused with a network intrusion prevention system (IPS), which typically includes either a basic commodity firewall or consists of an appliance containing a poorly integrated firewall and IPS.