In our techno driven world where IT enabled products and services have changed the quality of our lives, there is a looming spectre of cyber crime as well. The quantum of data and information leaks worth billions of dollars is frightening indeed. Add to that the growing threat of virus, trojans, malware and ransomware lurking in the systems and networks, and you have a cocktail of frightening statistics.
So, how do you prevent your systems, applications, databases and networks from being overwhelmed with such attacks? The answer lies in using a firewall that forms a barrier between your systems and untrustworthy pieces of information. As a firewall (read barrier) prevents a fire from spreading, the one used in the digital sphere prevents the spread of cyber attacks. Let us find out the types of firewalls that dot the market and are of help to individuals, organizations, enterprises, government bodies and others by saving their sensitive data and information.
Packet Filtering Firewall
This particular firewall helps to block the oncoming traffic into a network based on IP protocol, address or port number. This firewall requires the additional use of intrusion prevention for its management protocol allows most of the web traffic. This type of firewall cannot differentiate between a legitimate packet and a pretender (read packet with a malicious objective) and thus, is not very effective unless, of course, configured to include intrusion prevention.
This type of firewall is more adept at tracking active connections. While installing such a device, the firewall support services should set up a specific configuration that enables the ingress of packets from established outbound connections only. However, this type of firewall too needs the addition of intrusion prevention to identify and block malicious attacks.
Deep Packet Inspection Firewall
This firewall is supposedly better than the ones mentioned above, for it comes with an intrusion prevention technology that can identify and block application layer attacks. However, there are a few areas that need a better analysis before opting for the same. First, the word ‘deep’ pertains to some level of depth in the packet instead of being a comprehensive one covering the entire packet. Second, the hardware, if not robust enough, can come a cropper while processing a deep packet inspection in the network. So, the IT solutions provider should be asked about the bandwidth the firewall can handle. Lastly, the resident technology of the firewall may not have the requisite flexibility to thwart all kinds of attacks.
Application Aware Firewall
This firewall can parse the protocols and address specific fields present in them. The approach allows the protocols or rules to be focused and comprehensive at the same time. However, this parsing approach does not always handle the challenges of real world traffic perfectly.
Firewall Proxy Firewall: This is akin to certain types of intrusion prevention wherein each proxy is capable of handling one protocol (read web traffic). The implementation of this firewall can be a little tricky as the firewall does not always follow the protocol fully and might end up blocking the valid traffic.
Enterprises while engaging firewall support services should ensure the implementation of an appropriate firewall in view of their specific requirements and threat perceptions.