What is a firewall?
A firewall is a network security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules.

Types of Firewall
Firewalls types can be divided into several different categories based on their general structure and method of operation.

1.Packet Filtering Firewall
  • It is the most basic and oldest type of Firewall architecture.
  • Packet filtering firewalls operate inline at junction points where devices such as routers and switches do their work.
  • Packet Filtering Firewalls basically create a checkpoint at a traffic router or switch.
  • These firewalls don't route packets: rather they perform a simple check of the data packets coming through the devices like routers or switches. 
  • It inspects information like the destination and origin IP address, packet type, port number, and other surface-level information. Without opening up the packet to inspect its contents. If the information packet doesn't pass the inspection, it is dropped.
One of the most important things about this firewall is These aren't very resource-intensive. It means they don't have a huge impact on system performance and are relatively simple.

A packet-filtering firewall can be distinguished into the following types based on the usages of  rules:
1.Static Packet filtering firewall
In this type of firewall rules are established manually, and the connection between the internal and external networks is left open or closed at all times until changed manually.
2.Dynamic Packet filtering firewall
This type of firewall is a more intelligent way of filtering as rules may be changed dynamically depending upon the conditions, and ports are open only for a specific time otherwise remains closed.
3.Stateful Packet filtering firewall
It uses a presettable for maintaining a secure connection, and packets pass through in a sequence as approved by the filter rules.

Advantages of Packet filtering firewall
  • Low cost
  • Minimal effects on other resources, network performance, and end-user experience
  • Extremely fast and efficient in scanning traffic because they perform fewer evaluations.
  • Make security Transparent to End-users.
  • Easy to install
Disadvantages of Packet filtering firewall
  • Access control lists can be difficult to set up and manage
  • Not ideal option for every network
  • Packet filtering does not protect from IP spoofing, in which hackers can insert fake Ip addresses in packets to intrude the network.
  • It does not remember any past invasions or filtered packets. It tests every packet in isolation and is stateless which allows hackers to break the firewall easily.
2.circuit-level gateway Firewall
  • A circuit-level gateway is a type of firewall that provides session-level control over network traffic.
  • Similar in operation to Packet Filtering routers, circuit-level gateways operate at a higher layer of the OSI model Protocol stack.
  • Circuit level gateway works by verifying the transmission control protocol(TCP) handshake. This TCP handshake check is designed to make sure that the session the packet is from is legitimate.
  • Circuit-level gateways are host-based and reside on individual clients and servers inside the network, rather than on a dedicated machine as they do with other types of firewalls.
  • Circuit-level gateways are rarely used as a stand-alone firewall solution: instead, they are typically used in combination with application-layer proxy service and packet filtering features in dedicated firewall applications.
Advantages of circuit-level firewall
  • Easy to set up and manage
  • Don't need a separate proxy server for each application
  • They hide information about the private network they protect.
  • Flexible in developing address schemes
Disadvantages of circuit-level firewall
  • Active content can not be scanned or disallowed commands.
  • TCP/IP stacks are mandatory to be modified by the vendor for using the circuit-level gateway.
  • No application-layer monitoring.
  • Circuit-level gateway firewalls don't filter packets individually which gives the attacker a chance to take access to the network.
3.Application-level gateways(a.k.a Proxy Firewall)
  • Proxy Firewalls operate at the application layer to filter incoming traffic between your network and the traffic source. So that's why we called Application-level gateway.
  • A proxy firewall is the most secure form of firewall because it prevents networks from directly contacting other systems. It has its own IP address, which means an external network connection cannot receive packets directly from the network.
  • Application-level gateways filter packets not only according to the service for which they are intended as specified by the destination port but also by other characteristics, such as the HTTP request string.
  • A proxy firewall that filters at the application layer provides considerable data security but can dramatically affect network performance and can be challenging to manage.

Advantages of Proxy Firewall
  • User-level authentication is supported.
  • The application commands are analyzed inside the payload portion of the data packets.
  • Protects user anonymity
  • Provides fine-grained security controls that can, for example, allow access to a website but restricted which pages on that site the user can open
  • Examines all communication between outside sources and devices behind the firewall, checking not just the address, but the content itself before it lets any traffic pass through the proxy.
Disadvantages of Proxy Firewall
  • It doesn't work with all network protocols.
  • costlier than some other firewall options
  • It can inhibit network performance due to the additional processing request required for application services.
  • Virtual Private Networks may not function through a proxy firewall.
4.Stateful inspection firewall
  • Stateful inspection is also known as dynamic packet filtering.
  • A stateful inspection firewall is a technology that monitors the state of active connections and uses this information to determine which network packets to allow through the firewall.
  • Stateful inspection keeps track of each connection and constantly checks if they are valid. that's why it offers better protection than its predecessors.
  • In a firewall where the stateful inspection is implemented, the network administrator can customize the parameters in order to meet the unique needs of the organization.
Advantages of Stateful inspection firewall
  • Stateful firewalls do not have to open up a large range of ports to allow communication.
  • Stateful firewalls prevent more kinds of Dos attacks than packet filtering firewalls and have more robust logging.
  • Offers a high degree of control over what content is let in or out of the network
  • Monitors the entire session for the state of the connection, while also checking IP addresses and payloads for more through security.
Disadvantages of Stateful inspection firewall
  • Stateful inspection firewall cannot prevent application-layer attacks.
  • More expensive than other firewall options
  • Resource-intensive and interferes with the speed of network communications.
  • A stateful inspection firewall can be complex to configure.
5.Next Generation firewall
  • A next-generation firewall(NGFW) is a network security device that provides capabilities beyond a traditional, stateful firewall.
  •  A next-generation firewall includes additional features like application awareness and control, integrated intrusion prevention, and cloud-delivered threat intelligence.
  •  It is a part of the third generation of firewall technology that is implemented in either hardware or software and is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port, and protocol levels.
Advantages of Next Generation firewall
  • It comes with single console access.
  • The next-generation firewall provides you multi-layer protection
  • It can scan content to prevent data leakage and stop threats with detailed, real-time traffic inspection
  • It comes with a simplified infrastructure.
  • Optimal Use of Network speed.
Disadvantages of Next Generation firewall
  • Costlier than other firewall types
  • In order to derive the biggest benefit, organizations need to integrate NGFWs with other security systems, which can be a complex process.
  • Next-Generation firewall is hard to configure through CLI.
Firewall delivery methods
As IT consumption models evolved, so too did security deployment options. Firewalls today can be deployed as a hardware appliance, be software-based, or be delivered as a service.

1.Hardware-based firewall
  • A hardware-based firewall is an appliance that acts as a secure gateway between devices inside the network perimeter and those outside it.
  • Hardware-based firewalls are self-contained appliances. So hardware-based firewalls don't consume processing power or other resources of the host devices.
  • Hardware-based firewalls require more knowledge to configure and manage than their host-based counterparts.
Advantages of hardware-based firewall
  • The hardware firewalls are tailored for faster response times and hence handle more traffic loads.
  • A Hardware firewall with its own operating system is less prone to attacks. This in turn reduces the security risk. In addition, hardware firewalls have enhanced security controls.
  • No interference means It is separated from other network components can be managed better, and does not load or shutdown other applications. The Firewall box can be moved, shut down, or reconfigured with minimal interference to the network.
Disadvantages of hardware-based firewall
  • Hardware-based firewalls are difficult to install and upgrade.
  • It takes up physical space and involves wiring.
  • A dedicated hardware-based firewall costs more than a software firewall.
2.Software-based firewall
  • A software-based firewall runs on a server or other device. Software-based firewall software needs to be installed on each device requiring protection.
  • Software-based firewalls consume some of the host device's CPU and RAM resources.
  • Hence software-based firewalls are used by small businesses and home users widely because it is easy to customize and users can have better control over its functionalities and protection features.
  • Software firewalls act as a 2nd line of defense from online attacks. And they are great at mitigating risks coming from a blacklisted address, suspicious applications, unknown malware, and more.
Advantages of a software-based firewall
  • affordable, even if you go for the top-rated firewalls
  • It is ideal for personal use and for a small office with limited systems.
  • Easy to set up and manage.
  • Better control and flexibility to assess which applications must be allowed or blocked
  • Notifies the users about a malicious program trying to enter the network
Disadvantages of a software-based firewall
  • It needs regular administration and updating
  • Performance can be affected based on system speed
  • Sometimes difficult to remove or uninstall a firewall completely
3.Cloud/hosted firewall
  • Cloud firewalls are hosted in the cloud. They are also referred to as Firewall-as-a-Service(FaaS).
  • It forms a secure virtual barrier surrounding cloud platforms, applications, and infrastructure.
  • cloud firewalls also form a barrier surrounding the internal network of an organization. They control and manage the data flow between the internal system of an organization. To decide which data to permit or reject, it utilizes an intelligent data analysis.
  • Cloud firewalls filter traffic from multiple sources, including the internet, virtual data centers, between tenants, or virtual networks.
  • cloud-based firewalls do not require you to install or configure yourself. Third-party vendors providing the service and they take care of all these things.
Advantages of Cloud-based firewall
  • Easy deployment without wasting time.
  • Scalable in accordance with the needs of an organization
  • Better performance as you can control everything from visibility, configuration, usage, logging, etc.
  • Higher availability guarantees a constant flow of security services, redundant power, and automated backups
  • No hardware involved, so no wasting time in troubleshooting hardware and RMA issues.
Disadvantages of Cloud-based firewall
  • Availability depends on the cloud infrastructure's availability.
  • Running advanced security features can slow down the network
  • Often considers generic use cases that might not be efficient in blocking software-specific vulnerabilities like those in plugins.

If you loved this post and found something informative Do share it with your friends.

Thanks For Reading... ðŸ˜ƒ