Introduction to Firewalls


Introduction

This paper is a report on one of the major IT systems that support network defence: the firewall. There are various types of firewalls available for both large-scale enterprises and home users. The following pages showcase the types of firewalls, their limitations and the future application of the network firewall.

What is a firewall

Firewalls are systems that are implemented to prevent unauthorized internet users from accessing a private network. A firewall acts as a division between a private network and an outside network. It can be in hardware or software form, or a combination of both. Any traffic that is leaving or entering the local network has to pass through the firewall.

The firewall inspects all traffic, filters out unwanted traffic that does not meet the specified security criteria and permits wanted traffic (Beal, 2021). Firewalls are a critical system requirement in large organizations that have many networks.

Hardware vs Software firewalls

Hardware Firewall

A hardware firewall is a single physical device that is installed between the local network and the internet. This physical device inspects the packets of data flowing through it and either permits or blocks the traffic according to predefined rules. Hardware firewalls require advanced IT knowledge and configuration skills and are commonly used by larger businesses where cyber security is a priority.

Companies like Cisco, Palo Alto and FortiGate provide single device hardware firewalls.

Software Firewall

A software firewall, on the other hand, is installed on a computer as an application and protects that particular device. It provides the same function as a hardware firewall but on a smaller scale. It is easily configured and most commonly used in home networks.

Operating systems like Windows (Defender) and macOS have their own pre-built firewalls installed.

Types of firewalls

Firewalls can be divided into multiple categories based on their structures and method of operation.

Stateful vs Stateless Firewalls

Firewalls can be classified into stateful and stateless.

A stateful firewall takes a dynamic approach to inspecting network traffic. It monitors traffic patterns and flows. It can operate at multiple layers of the OSI model and records the sessions created by the traffic. By logging the behaviour of a potential attack, that information can be used to prevent future attempts. However, it uses more computing power and resources for the additional security.

Stateless firewalls, by contrast, are static and follow pre-set rules such as ACLs (access control lists) to monitor traffic. They treat each packet independently. They require less memory and can be a faster solution for certain networks (Cohen, 2021).

Most big enterprises utilise both concepts of firewalls to secure their network perimeters.

Packet filtering Firewall

This is one of the oldest and most basic firewall structures. It performs simple data packet filtering, such as analysing IP addresses and ports. If a data packet is not permitted by the firewall, it is automatically dropped. Packet filtering firewalls are not resource intensive and provide a base level of protection; however, they can be relatively easy to bypass compared to other firewalls (Beal, 2021).
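The per-packet ACL filtering described here and the session tracking described under Stateful vs Stateless Firewalls can be compared side by side. The following is an added example, not code from the original paper; the addresses, ports, rule fields and function names are constructed for illustration.

```python
# Added illustration; every address, port and rule below is a constructed sample.
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    direction: str  # "out" = leaving the LAN, "in" = arriving from outside

# Stateless ACL: first matching rule wins, default is drop.
# To let web replies back in, it has to permit anything arriving from port 443.
ACL = [
    {"direction": "out", "dport": 443, "action": "permit"},
    {"direction": "in", "sport": 443, "action": "permit"},
]

def stateless_filter(pkt):
    """Judge each packet on its own header fields only."""
    for rule in ACL:
        if all(getattr(pkt, k) == v for k, v in rule.items() if k != "action"):
            return rule["action"]
    return "drop"

class StatefulFirewall:
    """Permit inbound packets only when they answer a recorded outbound session."""
    def __init__(self):
        self.sessions = set()

    def filter(self, pkt):
        if pkt.direction == "out":
            if pkt.dport != 443:
                return "drop"
            self.sessions.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "permit"
        # Inbound: the reversed 4-tuple must match a session opened from inside.
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "permit" if key in self.sessions else "drop"

SAMPLE = [
    Packet("192.168.1.10", 51000, "203.0.113.5", 443, "out"),  # request
    Packet("203.0.113.5", 443, "192.168.1.10", 51000, "in"),   # its reply
    Packet("198.51.100.9", 443, "192.168.1.20", 3389, "in"),   # no session
]

def run_demo():
    fw = StatefulFirewall()
    return {"stateless": [stateless_filter(p) for p in SAMPLE],
            "stateful": [fw.filter(p) for p in SAMPLE]}
```

The stateless rule set permits all three packets because the third one matches the reply rule on its header alone, while the stateful filter drops it because no outbound session corresponds to it.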

Proxy Firewall

The proxy firewall imitates the network, so intruders are unable to discover information about the private network. This type of firewall establishes a connection to the source of the traffic and inspects the data before transferring it to the destination. This separation is secure but does have a drawback in speed, as there are additional procedures in the data transfer (Beal, 2021).

Network address translation (NAT) Firewall

NAT firewalls are similar to proxy firewalls in certain respects. A NAT firewall protects the identity of the local network and does not reveal the actual internal IP addresses to the internet.

Figure 8 NAT Firewall diagram
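How a NAT firewall keeps internal addresses hidden can be shown with a small translation table. This is an added example, not code from the original paper; the class name, the addresses and the port range are constructed for illustration.

```python
# Added illustration of source NAT with port translation.
# Addresses and the starting port are constructed sample values.
from itertools import count

class NatFirewall:
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._next_port = count(first_port)
        self.out_map = {}  # (private_ip, private_port) -> public_port
        self.in_map = {}   # public_port -> (private_ip, private_port)

    def translate_outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Replace the private source with the public address and a mapped port."""
        key = (src_ip, src_port)
        if key not in self.out_map:
            public_port = next(self._next_port)
            self.out_map[key] = public_port
            self.in_map[public_port] = key
        return (self.public_ip, self.out_map[key], dst_ip, dst_port)

    def translate_inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Map a reply back to the internal host; None means the packet is dropped."""
        if dst_ip != self.public_ip or dst_port not in self.in_map:
            return None
        private_ip, private_port = self.in_map[dst_port]
        return (src_ip, src_port, private_ip, private_port)

def run_demo():
    nat = NatFirewall("203.0.113.1")
    # Internal host opens a connection; the outside only sees the public address.
    sent = nat.translate_outbound("192.168.1.10", 51000, "198.51.100.7", 443)
    # The reply to the mapped port is delivered to the internal host.
    reply = nat.translate_inbound("198.51.100.7", 443, sent[0], sent[1])
    # A packet to a port with no mapping has nowhere to go and is dropped.
    stray = nat.translate_inbound("198.51.100.7", 443, "203.0.113.1", 45555)
    return sent, reply, stray

if __name__ == "__main__":
    print(run_demo())
```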

Cloud Firewall

Cloud-based firewalls are installed in the web instead of in a network. Having such a firewall provides flexibility for users to pass through the firewall and access the network from any location. It also provides stability: if a cloud server requires additional protection due to its increasing traffic loads, cloud-based firewalls are able to increase their capacity.

Network segmentation firewalls

This type of firewall separates internal networks and filters traffic between subnets. Such an implementation can contain network traffic and prevent internal security breaches.

Limitations of Firewalls

The firewall system is capable of securing a network to a certain extent. It should not be the sole protection on a network, for the following reasons.

A firewall is a system used to prevent unauthorized users; however, it does not block malware, viruses and worms from entering the network.

Firewalls inspect and block unauthorized access or data, but they do not inspect users that have been authorized. They are unable to prevent social engineering attacks or malicious internal entities. Firewalls are programmed and are unable to fix poorly designed security policies or administrative practices. A firewall is only as effective as the rules that are configured on it (Endean, 2019).

Next generation Firewalls

In today’s world, malicious users are inventing unique ways to bypass network security. Next generation firewalls provide capabilities beyond the traditional firewall. They include deeper packet inspection systems such as the following (Cisco, 2021).

Intrusion detection system (IDS)

The IDS detects malicious activity or policy violations and reports them to the event management system.

Intrusion prevention system (IPS)

Like the IDS, the IPS reports malicious activity, and it prevents that activity from occurring by blocking it. It is able to prevent attacks by shutting down access points and configuring the firewalls to prevent reattempts of the attacks.

AI firewall

The artificial intelligence firewall uses intelligent detection technologies to detect advanced threats. Regular firewalls use a static rule database to inspect for threats and are unable to detect APTs (advanced persistent threats). AI firewalls use models trained on samples for threat detection. Such training allows the AI to detect and even prevent threats that aren’t noticed by organic intelligence (Huawei, 2022).
