Hello Readers ! Today I am giving you an overview of FIREWALL.
Here I am giving you a short note on 8 different types of firewall available based on infrastructure.
Types Of Firewall
Packet-Filter Firewall
Circuit-Level Gateways Firewall
Stateful Inspection Gateways Firewall
Application - Level Gateways Firewall (Proxy Firewalls)
Next - Generation Firewall
Software Firewall
Hardware Firewall
Cloud Firewall
* Last 3 are the method of delivery Firewall Functions
Packet-Filter Firewall
- Basic Firewall
- Inspect info like, source, destination IP ADD, Packet types, Port numbers
- Inspect without opening up the packets contain
- Good thing about this firewall is they don't have huge impact on
system performance or network performance
- Terrible thing is that, it is easy to bypass for penetrating or inject payloads
Circuit - Level Gateways Firewall
- Simplistic Firewall
- Deny traffic without consuming significant computing resources
- It is verifying the TCP Handshake
- TCP packet is from Legitimate(Allowed by rules or laws)
Stateful Inspection Firewalls
- This firewall combine both packet inspection technology and
TCP Handshake verification
- This may slow down the transfer of legitimate packets
Application - Level Firewall(Proxy Firewalls)
- Also considered as Cloud Firewall
- Firewall delivered via cloud-based solution or other proxy devices
- Similar to stateful inspection Firewall
- Perform deep-layer packet inspection
- Check contents of the information in packets to verify the
Malware or Payloads
- Drawback is, it can create significant slow-down the network or systems
because of extra step to inspect packet transfer process
Next-Generation Firewall
- Firewall architectures include deep-packet inspection
- Check actual content of packets and TCP Handshake, surface-level packet
Inspection
- Include technology such as IPS(Intrusion Prevention System)
- Automatically stop attacks against network
- Issue is that no-one define of Next-Generation firewalls
- So, important to specific check the capabilities of firewall before investing
or buying this types of firewalls
Software Firewall
- Big benefits of this firewall is,
- Highly useful for creating defense in depth by Isolation individual
Network endpoints from one another
- Difficult to maintain due to not supporting each and every network
endpoints
Hardware Firewall
- Physical Appliances
- Major weakness of a hardware based firewall is that, - Hardware
- It is easy for insider attackers to bypass them
- Actual capabilities of a hardware firewall may vary depending on
manufacturers
Cloud Firewall
- Cloud solution services used a firewall that deliver the cloud based firewall
Called Cloud-Firewall.
- FaaS (Firewall as a Service)
- Similar to proxy firewall
- Cloud-Server is often used a proxy firewall setup
- Benefits, Easy to scale with your Organization
- Additional capacity to the cloud server to filter large traffic loads.
Here are the list of Firewall available according to Infrastructure.
Now, I am going to discuss the best practices of Firewall deployment
Five Best Practices for Firewall Deployment
Regular check and update firewall configuration settings
Make sure there aren't any modems in your internal network
Use Multiple firewall types
use deep=packet inspection methods
Don't just rely on Firewalls
use antivirus programs
data backups, disaster recovery plan
strong password methods
multifunction authentication
perform periodic penetration testing
Thanks for reading, I hope you like this blog.
Happy Learning!!!