Connecting personal computers to other IT systems or the internet opens up a range of positive possibilities — easy collaboration with others, combining of resources, enhanced creativity — but it also exposes users to dangers.
Hacking, identity theft, malware, and online fraud are common threats users could face when they expose themselves by linking their computers to a network or the internet.
What if there was a way users could protect themselves from the very worst dangers by erecting an invisible wall to filter out those threats? It would be essential to have it — fortunately, it already exists. That invisible wall is what is known as a firewall.
Erected between a computer and its connection to an external network or the web, a firewall decides which network traffic is allowed to pass through and which traffic is deemed dangerous. It essentially works to filter out the good from the bad, the trusted from the untrusted.
Types of Firewalls
The different types of firewalls incorporate software, hardware, or a combination of both. All have different uses, strengths, and weaknesses.
Among the most ubiquitous types of shields available, stateful inspection firewalls allow or block traffic based on technical properties, such as specific protocols, states, or ports.
Stateful Inspection firewalls make the filtering decisions to determine whether data is allowed to pass through to the user. These decisions are often based on rules established by the administrator when setting up the computer and firewall.
The firewall can also make its own decisions based on previous interactions it has “learned” from. For example, traffic types that caused disruptions in the past would be filtered out in the future.
A proxy firewall is as close to an actual physical barrier as it’s possible to get. Unlike other types of firewalls, it acts as an intermediary between external networks and computers, preventing direct contact between the two.
Like a guard at a doorway, it essentially looks at and evaluates incoming data. If no problem is detected, the data is allowed to pass through to the user.
The downside to this kind of heavy security is that it sometimes interferes with incoming data that isn’t a threat, leading to delays in functionality.
Evolving threats continue to demand more intense solutions, and next generation firewalls stay on top of this issue by combining the features of a traditional firewall with network intrusion prevention systems.
In fact, threat-specific next generation firewalls are designed to examine and identify specific dangers, such as advanced malware, at a more granular level. More frequently used by businesses and sophisticated networks, they provide a holistic solution to filtering out dangers.