Types of firewalls
Packet filtering firewall
These firewalls scrutinize each packet of data that passes through them and filter it based on parameters like source and destination IP addresses, port numbers, and protocol types. While these firewalls are relatively simple and cost-effective, they are unable to examine the contents of packets, which makes them less effective against sophisticated attacks.
Proxy firewall
A proxy firewall is an early type of firewall device, serving as the gateway from one network to another for a specific application. Proxy servers can provide additional functionality, such as content caching and security, by preventing direct connections from outside the network. However, this may also impact throughput capabilities and the applications they can support.
Stateful inspection firewall
Now considered a traditional firewall, a stateful inspection firewall allows or blocks traffic based on state, port, and protocol. It monitors all activity from the opening of a connection until it is closed. Filtering decisions are based on both administrator-defined rules and context, meaning information from previous connections and from earlier packets belonging to the same connection.
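The difference between packet filtering and stateful inspection can be seen by running the same traffic through both. The following is an added example, not code from the original page: the addresses, the single allowed port (443), and all function and class names are constructed for illustration, and connection tracking is simplified to the TCP handshake plus a reset.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport flags")  # flags: set of TCP flags

def inside(ip):
    return ip.startswith("10.0.0.")  # constructed internal range

def packet_filter(p):
    """Stateless: each packet is judged only on its own header fields."""
    outbound_https = inside(p.src) and p.dport == 443
    looks_like_reply = inside(p.dst) and p.sport == 443  # needed so replies get back in
    return outbound_https or looks_like_reply

class StatefulFirewall:
    """Same outbound rule, but inbound packets must match a tracked connection."""
    def __init__(self):
        self.conns = {}  # (client, client_port, server, server_port) -> state

    def check(self, p):
        outbound = inside(p.src)
        key = (p.src, p.sport, p.dst, p.dport) if outbound else (p.dst, p.dport, p.src, p.sport)
        state = self.conns.get(key)
        if state is None:
            # Only an inside host's SYN to the allowed port creates an entry.
            if outbound and p.flags == {"SYN"} and p.dport == 443:
                self.conns[key] = "SYN_SENT"
                return True
            return False
        if state == "SYN_SENT" and not outbound:
            if p.flags != {"SYN", "ACK"}:
                return False
            self.conns[key] = "ESTABLISHED"
        if p.flags & {"FIN", "RST"}:
            del self.conns[key]  # simplification: real trackers follow the full close
        return True

# Constructed trace: an unsolicited packet, a real connection, then a stale packet.
C, S = ("10.0.0.5", 50000), ("203.0.113.9", 443)
TRACE = [
    Packet(*S, *C, {"ACK"}),         # no connection exists yet
    Packet(*C, *S, {"SYN"}),         # client opens the connection
    Packet(*S, *C, {"SYN", "ACK"}),  # server replies
    Packet(*C, *S, {"ACK"}),         # handshake complete
    Packet(*C, *S, {"RST"}),         # client resets the connection
    Packet(*S, *C, {"ACK"}),         # arrives after the connection is gone
]

def compare(trace):
    fw = StatefulFirewall()
    return [(packet_filter(p), fw.check(p)) for p in trace]
```

Each tuple returned by compare(TRACE) is (packet filter verdict, stateful verdict): the packet filter passes the first and last packets because their headers match the reply rule, while the stateful firewall drops them because no tracked connection exists at that moment.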
Web application firewall (WAF)
Web application firewalls act as intermediaries for internal and external networks, handling all communication requests on behalf of the internal network. They offer a high level of security, as they can inspect the content of packets and filter out malicious or unauthorized data. However, their reliance on proxy servers can introduce latency and impact network performance.
Unified threat management (UTM) firewall
A UTM device typically combines, in a loosely coupled way, the functions of a stateful inspection firewall with intrusion prevention and antivirus. It may also include additional services and often cloud management. UTMs focus on simplicity and ease of use.
Next-generation firewall (NGFW)
A next-generation firewall (NGFW) is a network security device that provides capabilities beyond a traditional, stateful firewall. While a traditional firewall typically provides stateful inspection of incoming and outgoing network traffic, a next-generation firewall includes additional features like application awareness and control, intrusion prevention system (IPS), URL filtering based on geolocation and reputation, and threat intelligence. An NGFW can ease administration and reduce complexity with unified policies that protect across the entire attack continuum.