Since their inception in the late 1980s, the types of firewalls available have evolved drastically to combat increasingly sophisticated attacks on computer networks.
Many clients know some type of firewall is necessary for a well-rounded network security system, but don’t know how these integral tools of the trade work.
This post reviews two primary firewall types – basic traffic scanning devices and interactive layer-inspecting machines.
The kinds of firewall technology currently on the market are packet filtering, circuit-level gateway, stateful inspection, application-level gateway, multilayer inspection, and UTM.
Packet Filtering Firewalls
Types of firewalls that scan packet headers and compare them to Access Control Lists, or ACLs, set forth by a network’s security team are referred to as packet filters.
The firewall takes apart the information located in the packet header such as IP address and port number to see if the packet is allowed/safe for the network.
If the packet fails this firewall type’s set criteria, it is dropped and unable to pass into the network.
Packet filtering firewalls are quick and convenient, but not foolproof.
They are superficial in nature and can be, and have been, compromised by hackers who manipulate packet headers to look harmless, thus fooling the filter.
Circuit-Level Gateway Firewalls
Circuit-level gateway firewalls work similarly to their namesake – through the gateway.
These types of firewalls only allow requested information into the network, serving as a ‘gatekeeper’ of incoming information.
They reroute the IP address of the workstation to that of the firewall, further protecting the network by hiding the IP address of all computers within that network.
Circuit-level gateway firewall types also close off ports that are not being requested for use by a user within the network.
All incoming traffic that has not been requested by a user is immediately dropped and unable to reach the network.
These types of firewalls are secure until a user accesses an unsafe site or file. Then the network is easily compromised.
Stateful Inspection Firewalls
Stateful inspection types of firewalls, also known as dynamic packet filtering, are like packet filtering firewalls, but stronger.
These firewall types scan much more than just the packet header. They are equipped to analyze a packet’s content all the way through the application layer.
They also look at previous communication patterns and compare incoming packets to those that have been approved in the past.
Stateful inspection firewall types close off any unused ports as well.
This adds another layer of protection by preventing hackers from accessing your network by spoofing port addresses that are always open.
These types of firewalls typically require more memory to run, and can be harder to install. New connections can take much longer to load as a result.
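The difference between the packet filtering and stateful inspection sections above, as an added example that is not part of the original post: a simplified Python model in which a header-only ACL accepts an unsolicited packet whose source port looks like web traffic, while a table of previously approved connections drops it. The ACL, the addresses (documentation ranges) and all names are constructed for illustration; real stateful firewalls also track protocol state and timeouts.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

# Constructed inbound ACL: first match wins, default deny.
# Rule = (action, source network, source port or None, destination port or None)
INBOUND_ACL = [
    ("allow", "0.0.0.0/0", 80, None),   # meant to admit web replies
    ("allow", "0.0.0.0/0", 443, None),
]

def stateless_allows(pkt, acl=INBOUND_ACL):
    """Packet filter: decide from header fields alone."""
    for action, net, sport, dport in acl:
        if (ip_address(pkt.src) in ip_network(net)
                and sport in (None, pkt.sport)
                and dport in (None, pkt.dport)):
            return action == "allow"
    return False  # nothing matched: drop

class StatefulFilter:
    """Remembers flows opened from inside; inbound must match one of them."""
    def __init__(self):
        self.flows = set()

    def outbound(self, pkt):
        # Store the reply we expect, i.e. the same flow with endpoints swapped.
        self.flows.add((pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport))

    def inbound_allows(self, pkt):
        return (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport) in self.flows

def demo():
    fw = StatefulFilter()
    fw.outbound(Packet("10.0.0.5", 51000, "203.0.113.10", 443))  # user request
    reply = Packet("203.0.113.10", 443, "10.0.0.5", 51000)       # genuine reply
    unsolicited = Packet("198.51.100.7", 80, "10.0.0.9", 8080)   # never requested
    return {"stateless": (stateless_allows(reply), stateless_allows(unsolicited)),
            "stateful": (fw.inbound_allows(reply), fw.inbound_allows(unsolicited))}

if __name__ == "__main__":
    print(demo())
```

Both filters pass the genuine reply; only the stateful one drops the packet that merely carries a harmless-looking source port.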
Application-Level Gateway Firewalls
Similar to their circuit-level gateway counterparts, application-level gateway types of firewalls also hide the IP addresses of the computers within a company’s internal network.
Application-level gateway firewall types, however, scan all the way through the application layer when analyzing incoming traffic.
They are also application specific. This means that these types of firewalls don’t allow incoming traffic to travel into the network unless it is created in a specified application.
Application-level gateways are much more thorough in their packet scanning abilities than circuit-level gateways because they scan the actual content of the packets passing through.
However, users of an application-level gateway type of firewall may have to sign into the network multiple times before gaining entry, reducing the convenience factor for this type of technology.
These types of firewalls can slow down a network as well due to the proxies that may be in place.
UTM firewalls go one step further than average firewall types because they incorporate more security programs in their design.
Some extra features that are often available with UTM types of firewalls include anti-malware software, anti-spyware, anti-virus, VPN, and DoS/DDoS protection.
The Calyptix AccessEnforcer, for example, is equipped with UTM technology such as email/web filtering, GUI-based management, and intrusion detection to keep your clients safe.
Along with automatic updating and all-inclusive licensing, Calyptix offers experienced US-based engineers who are readily available to assist with your customer service needs.
Interested in becoming a partner? Contact our sales department today for more information!