Types of Firewall Security & their benefits

June 9, 2021

With the release of our Free Firewall Audit in 2021, we are well underway with releasing a set of informative resources tailored around Firewall Security. If you would like to know more about Firewalls and have not already read our previous blog, What is a Firewall and Why Do You Need One, please feel free to do so. We will also be releasing more Firewall resources throughout June, so make sure to follow our socials to stay up to date.

Recap: What is Firewall Security?

Before we discuss the benefits, it is important to understand what a Firewall is and how it helps. From our previous blog we know that Firewall Security is:


  • A preventative hardware or software technical security control
  • Automated protection for an IT network/application by preventing unauthorised access
  • A necessary part of both the business continuity plan & the Defence in Depth (DiD) approach


Firewalls have their own pre-established rules and filters that determine how incoming traffic (data packets) is dealt with. Therefore, not only is it important that you have a firewall, but the rules that govern it need to match what you are trying to achieve.

Is managing my Firewall easy?

We cannot expect everyone to be Cyber Security experts, nor is it fair to do so – the truth is, networks are complex and require a lot of time and expertise to keep optimal. For instance, did you know that any old, unused Firewall rules and ports left open (that are no longer necessary) will accommodate malicious attacks?

That is why we always recommend having a Managed Firewall Service, as inadequate resourcing, lack of understanding or time could lead to:


  • Infrastructure exposure
  • Risk of attack
  • Network downtime
  • Compliance violations
  • Network performance issues
  • Impact on reputation


As cybersecurity experts, we are heavily invested and qualified when it comes to understanding the wider environment of network infrastructure and the applications in which people’s firewalls are operating. Not only are we well-equipped, but we follow a proven methodology that allows us to:


  • Ensure that all network components are well guarded (with adequate authentication and authorisation policies)
  • Constantly monitor network activity
  • Assess network vulnerabilities by using a trusted entity to attack it
  • Collect and examine data so that better quality safeguards and policies can be created and put in place


If you feel like you need some help with your Firewall, we recommend our Managed Firewall Service. Not yet convinced? It’s your lucky day! We have a Free Firewall Audit promotion running right now where you can find out how efficient your current firewall is – did we mention it is completely free?


Types of Firewalls and their benefits

Something we have not yet gone into detail about is the types of Firewall Security available. The type of Firewall you need will depend on your requirements.


Next-Generation Firewalls (NGFW): 

Part of the third generation of Firewall technology, an NGFW includes everything a traditional Firewall does, but with increased functionality such as deep packet inspection (DPI). DPI examines the actual data the packets are transferring rather than just the packet headers. This increased access to metadata allows businesses to further protect themselves, as all incoming data can be examined and categorised so that any harmful data is more easily identified. NGFW is a top-end firewall service and is usually only used by large organisations.


Packet Filtering Firewalls:

A Packet Filtering Firewall is a very basic Firewall security control that uses Access Control Lists (ACLs) to separate packets depending on their source IP, destination IP, port usage and transmission route. Using the ACLs, the Firewall looks at the information in the TCP or UDP header rather than the actual data being sent and then decides whether to accept the packet. Although it is not as advanced as an NGFW, and user settings can still allow potentially dangerous communications through, Packet Filtering Firewalls are usually built into routers, are extremely fast and typically only require one router to be set up.


Proxy Firewall:

Unlike basic Firewall Security, Proxy Firewalls filter network traffic at an application level. A proxy is used as an intermediary between two networks. A client will send a request to its intended target, and the request will then be checked against a pre-defined set of rules and regulations. Furthermore, a Proxy Firewall will monitor traffic for policies such as HTTP and FTP, as well as five others. These policies will use deep packet inspection to detect any dangerous traffic. It has been said that Proxy Firewalls offer a balance between security and functionality, as the policies they follow are not only well written but are also very robust and able to log data too.

 

Stateful Inspection Firewall:

Stateful Inspection is a firewall service that aims to monitor active connections on a network while also providing an additional layer of network security that goes beyond TCP. All active connections and sessions on the network will be monitored constantly.


Additionally, what the firewall is checking for and how it deals with certain connections can be fully customised by a network manager to ensure that the specific needs of the business are met.


Compared to older firewall services, such as Packet Filtering, Stateful Inspection Firewalls do more than the minimum (such as only checking the metadata in the header). Therefore, with a better examination process, the chances of threatening connections or data passing your security decrease, as data is not only constantly monitored, but the checks against it are performed to a higher standard.
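The difference between the Packet Filtering and Stateful Inspection Firewalls described above, as an added example that is not part of the original blog. The ACL, addresses and packets are constructed for illustration, and connection tracking is simplified to a set of flows with no TCP flags or timeouts.

```python
from ipaddress import ip_address, ip_network

# Constructed ACL: (action, src net, dst net, proto, src port, dst port); None = any
ACL = [
    ("allow", "10.0.0.0/24", "0.0.0.0/0", "tcp", None, 443),  # LAN out to HTTPS
    ("allow", "0.0.0.0/0", "10.0.0.0/24", "tcp", 443, None),  # replies from HTTPS
    ("deny", "0.0.0.0/0", "0.0.0.0/0", None, None, None),     # default deny
]

def acl_decision(pkt):
    """Packet filter: first matching rule wins; only header fields are read."""
    src, sport, dst, dport, proto = pkt
    for action, r_src, r_dst, r_proto, r_sport, r_dport in ACL:
        if (ip_address(src) in ip_network(r_src)
                and ip_address(dst) in ip_network(r_dst)
                and r_proto in (None, proto)
                and r_sport in (None, sport)
                and r_dport in (None, dport)):
            return action
    return "deny"

class StatefulFirewall:
    """Same outbound ACL plus a table of connections opened from inside."""
    def __init__(self, inside="10.0.0.0/24"):
        self.inside = ip_network(inside)
        self.connections = set()

    def decision(self, pkt):
        src, sport, dst, dport, proto = pkt
        if ip_address(src) in self.inside:
            if acl_decision(pkt) != "allow":
                return "deny"
            self.connections.add(pkt)  # remember the outbound connection
            return "allow"
        # Inbound is accepted only as the reverse of a tracked connection.
        return "allow" if (dst, dport, src, sport, proto) in self.connections else "deny"

# Constructed traffic in arrival order: (src, sport, dst, dport, proto)
PACKETS = [
    ("10.0.0.5", 50000, "203.0.113.10", 443, "tcp"),  # client opens HTTPS
    ("203.0.113.10", 443, "10.0.0.5", 50000, "tcp"),  # genuine reply
    ("198.51.100.7", 443, "10.0.0.8", 9000, "tcp"),   # no matching connection
]

def compare():
    fw = StatefulFirewall()
    return [(acl_decision(p), fw.decision(p)) for p in PACKETS]

if __name__ == "__main__":
    print(list(zip(PACKETS, compare())))
```

The third packet matches the header-only "replies" rule, so the packet filter accepts it, while the stateful firewall drops it because no inside host opened that connection.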

Conclusion

There are many different types of Firewall Security, and even more that we have not yet been able to cover in this series. The firewall security configuration that you may need at home will be completely different to the configurations you will need in your business. Understanding the differences and advantages of certain Firewalls is a great start; however, currently, it is not enough. That is where we come in. If you have any questions or queries, please do not hesitate to speak to one of our cyber experts today and we can walk you through getting set up with a Managed Firewall Service.
