A firewall is a network security system that monitors the inbound and outbound network traffic of a system and filters it according to a set of predetermined rules. It can be implemented in hardware or in software. If configured properly, a firewall can prevent network intrusions to a great extent.
First Generation of Firewalls: The Packet Filters
This type of firewall was first developed in the 1980s. Packet filters mainly examine the network addresses and ports of inbound and outbound traffic and filter it according to predetermined rules. They store no information about connection state; instead, they inspect the source and destination IP addresses, the source and destination ports and the protocol (TCP, UDP etc.) to filter the traffic.
Packet filters work mainly in the lower layers of the OSI model – the physical layer, the network layer and the transport layer – which is where the source and destination addresses and ports are visible. Because a packet filter stores no information about connection state, it cannot filter traffic depending on whether a particular packet is part of an existing stream of traffic.
Second Generation of Firewalls: The Stateful Filters
This type of firewall was first developed in the early 1990s. A stateful filter retains packets until it has enough information about the connection state they belong to. It determines whether a packet is part of an existing connection or belongs to no connection at all, and filters the traffic accordingly.
Second-generation firewalls can operate up to layer 4 of the OSI model, which allows them to perform stateful packet inspection.
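The difference between the two generations described above is easiest to see in code. The following is an added example, not code from the original article: a minimal stateless packet filter next to a stateful one, both run over constructed traffic. The packet model, the rule tuples, the addresses (a web server at 10.0.0.5, clients in 203.0.113.0/24) and the `demo()` function are all assumptions made for the illustration. The point it shows is the one the text makes: a stateless filter that must let the server's replies out has to allow every packet with source port 443, so it also allows a packet the server sends to a host that never connected to it; the stateful filter admits that packet only if its connection table says a client asked first.

```python
from dataclasses import dataclass

# Constructed packet model for this example (not from the article).
@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str          # "tcp" or "udp"
    syn: bool = False   # TCP flags, only meaningful when proto == "tcp"
    ack: bool = False

# Rule tuple: (proto, src_ip, src_port, dst_ip, dst_port, action); "*" matches anything.
INBOUND_RULE = ("tcp", "*", "*", "10.0.0.5", 443, "allow")   # clients may reach the web server
REPLY_RULE   = ("tcp", "10.0.0.5", 443, "*", "*", "allow")   # the server's replies must get out
DENY_ALL     = ("*", "*", "*", "*", "*", "deny")

# A stateless filter needs REPLY_RULE, otherwise the server's own answers are dropped.
STATELESS_RULES = [INBOUND_RULE, REPLY_RULE, DENY_ALL]
# A stateful filter only needs the rule for *new* connections; replies are matched by state.
STATEFUL_RULES = [INBOUND_RULE, DENY_ALL]

def _match(field, value):
    return field == "*" or field == value

def stateless_filter(pkt, rules=STATELESS_RULES):
    """First-generation packet filter: the decision depends on header fields only."""
    for proto, sip, sport, dip, dport, action in rules:
        if (_match(proto, pkt.proto) and _match(sip, pkt.src_ip) and _match(sport, pkt.src_port)
                and _match(dip, pkt.dst_ip) and _match(dport, pkt.dst_port)):
            return action
    return "deny"

class StatefulFilter:
    """Second-generation filter: a connection table decides whether a packet belongs to a known flow."""
    def __init__(self, rules=STATEFUL_RULES):
        self.rules = rules
        self.connections = set()   # (client_ip, client_port, server_ip, server_port)

    def filter(self, pkt):
        forward = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        reply = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        if forward in self.connections or reply in self.connections:
            return "allow"            # part of an established connection
        # Only a TCP SYN (not a SYN/ACK) may open a new entry, and it must pass the static rules.
        if pkt.proto == "tcp" and pkt.syn and not pkt.ack and stateless_filter(pkt, self.rules) == "allow":
            self.connections.add(forward)
            return "allow"
        return "deny"

def demo():
    """Constructed traffic: a client handshake, then a packet the server sends to a host that never connected."""
    client, server = ("203.0.113.7", 50000), ("10.0.0.5", 443)
    syn = Packet(*client, *server, "tcp", syn=True)
    syn_ack = Packet(*server, *client, "tcp", syn=True, ack=True)
    unsolicited = Packet("10.0.0.5", 443, "203.0.113.9", 40000, "tcp", ack=True)

    stateful = StatefulFilter()
    return {
        "stateless": [stateless_filter(p) for p in (syn, syn_ack, unsolicited)],
        "stateful": [stateful.filter(p) for p in (syn, syn_ack, unsolicited)],
    }

if __name__ == "__main__":
    print(demo())   # {'stateless': ['allow', 'allow', 'allow'], 'stateful': ['allow', 'allow', 'deny']}
```

The stateful version also needs fewer rules: REPLY_RULE disappears because replies are recognised from the table, which is exactly the administrative simplification that made stateful inspection the default.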
Third Generation of Firewalls: The Application Layer Firewalls
This type of firewall was first developed in the mid-1990s. Until then firewalls could filter traffic based on IP addresses, ports or connection state, but they could not understand application layer protocols such as HTTP, FTP or DNS. As a result, they could not detect whether an unwanted protocol was trying to bypass the firewall on an allowed port, or whether a protocol was being abused. Application layer firewalls can monitor and understand certain application layer protocols and filter traffic accordingly.
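The check an application layer firewall adds, as an added example that is not part of the original article: the port may be open, but the traffic on it must also speak the protocol the administrator expects there. The port-to-protocol table, the three small protocol detectors, the `app_layer_filter()` function and the sample payloads are all constructed for this illustration; the DNS detector follows the standard 12-byte header and label format, and the HTTP detector only validates the request line.

```python
import re
import struct

# Constructed policy for this example: which protocol is expected on each allowed port.
EXPECTED_PROTOCOL = {80: "http", 22: "ssh", 53: "dns"}

_HTTP_REQUEST_LINE = re.compile(rb"^(GET|HEAD|POST|PUT|DELETE|OPTIONS) \S+ HTTP/1\.[01]\r\n")

def looks_like_http(payload: bytes) -> bool:
    """An HTTP request starts with a well-formed request line."""
    return _HTTP_REQUEST_LINE.match(payload) is not None

def looks_like_ssh(payload: bytes) -> bool:
    """SSH starts with a version banner such as 'SSH-2.0-...'."""
    return payload.startswith(b"SSH-2.0-")

def looks_like_dns_query(payload: bytes) -> bool:
    """A DNS query: 12-byte header with QR=0 and at least one parseable question."""
    if len(payload) < 12:
        return False
    _id, flags, qdcount, _an, _ns, _ar = struct.unpack("!HHHHHH", payload[:12])
    if flags >> 15 != 0 or qdcount < 1:        # QR bit set means a response, not a query
        return False
    pos = 12
    while True:                                 # walk the QNAME labels
        if pos >= len(payload):
            return False
        length = payload[pos]
        pos += 1
        if length == 0:
            break
        if length > 63:                         # labels are at most 63 bytes (also rejects pointers)
            return False
        pos += length
    return pos + 4 <= len(payload)              # QTYPE and QCLASS must follow

_DETECTORS = {"http": looks_like_http, "ssh": looks_like_ssh, "dns": looks_like_dns_query}

def identify_protocol(payload: bytes):
    """Return the first protocol whose detector accepts the payload, or None."""
    for name, detector in _DETECTORS.items():
        if detector(payload):
            return name
    return None

def app_layer_filter(dst_port: int, payload: bytes):
    """Third-generation decision: open port AND the expected protocol on it."""
    expected = EXPECTED_PROTOCOL.get(dst_port)
    if expected is None:
        return ("deny", f"port {dst_port} is not allowed")
    seen = identify_protocol(payload)
    if seen != expected:
        return ("deny", f"expected {expected} on port {dst_port}, saw {seen or 'unrecognised data'}")
    return ("allow", f"{expected} on port {dst_port}")

# Constructed sample payloads.
HTTP_GET = b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
SSH_BANNER = b"SSH-2.0-ExampleClient_1.0\r\n"
DNS_QUERY = (b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"  # header: id, RD flag, 1 question
             b"\x07example\x03com\x00"                              # QNAME example.com
             b"\x00\x01\x00\x01")                                   # QTYPE A, QCLASS IN

if __name__ == "__main__":
    for port, data in ((80, HTTP_GET), (80, SSH_BANNER), (53, DNS_QUERY), (53, b"not dns at all")):
        print(port, app_layer_filter(port, data))
```

A first- or second-generation filter would return "allow" for the SSH banner on port 80, because the only thing it can see is that port 80 is permitted; the detector-based check is what makes the protocol mismatch visible.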
The Next Generation of Firewalls: Deep Packet Inspection
A Next Generation Firewall, or NGFW, is a recently developed integrated network platform that combines a traditional firewall with other security functions such as an application firewall, an Intrusion Prevention System (IPS), SSL/SSH interception, QoS/bandwidth management and malware inspection. An NGFW includes the typical functions of a traditional firewall, yet it is much more powerful than a traditional firewall in detecting and preventing attacks and enforcing security.
An NGFW uses Deep Packet Inspection (DPI), which lets it examine the data part of network packets and search for protocol non-compliance, viruses, spam, intrusions and other statistical information, so that it can filter traffic and enforce security more effectively.
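What "examining the data part of the packets" involves in practice, as an added example that is not part of the original article: DPI has to reassemble the TCP stream before it can judge the payload, because a signature or a malformed header can straddle a packet boundary. The segment representation, the single constructed signature, the HTTP compliance checks and the sample request are all assumptions made for this illustration; the signature string is a placeholder, not a real indicator.

```python
# Constructed TCP segment representation: (sequence_number, payload_bytes).
# Constructed placeholder signature for this example; a real engine loads signature databases.
SIGNATURES = {"test-marker": b"X-Test-Marker: SAMPLE-0001"}

def reassemble(segments):
    """Order segments by sequence number and trim overlaps; return the stream bytes,
    or None if a segment is still missing (the engine must hold the flow until it arrives)."""
    stream, expected = b"", None
    for seq, payload in sorted(segments):
        if expected is None:
            expected = seq
        if seq > expected:
            return None                          # gap: a segment has not arrived yet
        if seq < expected:                       # retransmitted / overlapping data
            payload = payload[expected - seq:]
        stream += payload
        expected += len(payload)
    return stream

def scan(data):
    """Signature search over a byte string."""
    return [name for name, pattern in SIGNATURES.items() if pattern in data]

def per_packet_hits(segments):
    """What a filter that inspects each packet in isolation would find."""
    hits = []
    for _seq, payload in segments:
        hits += scan(payload)
    return sorted(set(hits))

def http_violations(stream):
    """Protocol-compliance checks on a reassembled HTTP request."""
    problems = []
    head, sep, _body = stream.partition(b"\r\n\r\n")
    if not sep:
        problems.append("headers not terminated")
    lines = head.split(b"\r\n")
    parts = lines[0].split(b" ")
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/1."):
        problems.append("malformed request line")
    for line in lines[1:]:
        if b":" not in line:
            problems.append("header line without ':'")
        elif len(line) > 8192:
            problems.append("oversized header line")
    return problems

def dpi_verdict(segments):
    """hold until the stream is complete, then deny on any signature hit or compliance violation."""
    stream = reassemble(segments)
    if stream is None:
        return ("hold", [])
    findings = scan(stream) + http_violations(stream)
    return ("deny", findings) if findings else ("allow", [])

def segments_from(start_seq, chunks):
    """Turn consecutive payload chunks into correctly numbered segments."""
    out, seq = [], start_seq
    for chunk in chunks:
        out.append((seq, chunk))
        seq += len(chunk)
    return out

# Constructed request whose marker is split across two segments, delivered out of order.
SPLIT_REQUEST = segments_from(1000, [
    b"GET /download HTTP/1.1\r\nHost: files.example\r\nX-Test-Marker: SAM",
    b"PLE-0001\r\n",
    b"\r\n",
])
OUT_OF_ORDER = [SPLIT_REQUEST[2], SPLIT_REQUEST[0], SPLIT_REQUEST[1]]

if __name__ == "__main__":
    print("per-packet:", per_packet_hits(OUT_OF_ORDER))        # []
    print("stream:", dpi_verdict(OUT_OF_ORDER))                # ('deny', ['test-marker'])
    print("incomplete:", dpi_verdict(OUT_OF_ORDER[:2]))        # ('hold', [])
```

The "hold" state is the cost of DPI that the throughput claims below have to absorb: the device buffers per-flow data until it can decide, which is why reassembly limits and per-flow timeouts are part of every real DPI configuration.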
Because an NGFW integrates multiple security technologies efficiently, it has several advantages over traditional firewalls: it reduces administrative cost, can detect malware concealed in encrypted SSL/SSH traffic (by way of the SSL/SSH interception mentioned above), can associate network traffic with users, and improves network throughput.
Firewall technology first emerged in the 1980s and has improved greatly since then; today it is almost indispensable in network security. This article gives only a brief history of firewall technology. Hope you liked it.
Simple but informative