The role of firewalls in network security and the different types of firewalls.
A firewall is a network security system that acts as a barrier between a trusted internal network and an untrusted external network, such as the internet. It monitors and controls incoming and outgoing network traffic based on a defined set of security rules. The primary purpose of a firewall is to allow legitimate traffic through while blocking malicious or unauthorized traffic.

There are several types of firewalls, which have evolved over time. The simplest is a packet-filtering firewall. It inspects packets and decides whether to allow or deny them based on information in the packet header, such as source and destination IP addresses, port numbers, and the protocol being used. Packet-filtering firewalls are fast but don't inspect the content of the packets.

A stateful inspection firewall, also known as a dynamic packet-filtering firewall, goes a step further. It keeps track of the state of network connections (e.g., TCP streams). It makes decisions based not just on individual packets but on the context of the traffic, only allowing traffic that is part of an established, legitimate connection.

Next-Generation Firewalls (NGFWs) are more advanced. They combine traditional firewall capabilities with additional security functions, such as an intrusion prevention system (IPS), deep packet inspection (DPI) to analyze the actual content of the traffic, and application awareness, allowing rules to be set for specific applications (e.g., block Facebook but allow Salesforce) regardless of the port they use.

Firewalls can be implemented as hardware appliances, software on a server, or as a cloud-based service (Firewall as a Service).
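
The difference between packet filtering and stateful inspection described above can be seen in a small simulation. This is an added example, not part of the original text; the packet model, the 10.0.0.0/24 internal network, the rule set and all addresses are constructed assumptions.

```python
from collections import namedtuple

# Constructed packet model: only the header fields a packet filter sees.
Packet = namedtuple("Packet", "direction src_ip src_port dst_ip dst_port proto flags")
INTERNAL_NET = "10.0.0."  # assumption: the trusted network is 10.0.0.0/24


def stateless_filter(pkt):
    """Header-only rules: outbound HTTPS is allowed; inbound is allowed if it
    merely looks like an HTTPS reply (TCP, source port 443, internal target)."""
    if pkt.direction == "out":
        return pkt.proto == "tcp" and pkt.dst_port == 443
    return (pkt.proto == "tcp" and pkt.src_port == 443
            and pkt.dst_ip.startswith(INTERNAL_NET))


class StatefulFirewall:
    """Same outbound policy, but inbound packets must match a tracked
    connection. Simplified: no timeouts or connection teardown."""

    def __init__(self):
        self.connections = set()  # (client_ip, client_port, server_ip, server_port)

    def filter(self, pkt):
        if pkt.direction == "out":
            if pkt.proto != "tcp" or pkt.dst_port != 443:
                return False
            key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
            if "SYN" in pkt.flags:
                self.connections.add(key)  # new connection opened from inside
            elif key not in self.connections:
                return False  # mid-stream packet without a tracked connection
            return True
        # Inbound: reverse the tuple and require an existing table entry.
        key = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        return key in self.connections


# Constructed sample traffic (documentation address ranges).
SYN = Packet("out", "10.0.0.5", 50000, "203.0.113.10", 443, "tcp", {"SYN"})
REPLY = Packet("in", "203.0.113.10", 443, "10.0.0.5", 50000, "tcp", {"SYN", "ACK"})
UNSOLICITED = Packet("in", "198.51.100.7", 443, "10.0.0.9", 3389, "tcp", {"ACK"})


def compare():
    """Return (stateless, stateful) verdicts for the three sample packets."""
    fw = StatefulFirewall()
    stateful = [fw.filter(p) for p in (SYN, REPLY, UNSOLICITED)]
    stateless = [stateless_filter(p) for p in (SYN, REPLY, UNSOLICITED)]
    return stateless, stateful
```

The header-only filter passes all three packets because the unsolicited one has the same header shape as a reply; the stateful firewall drops it because no internal host opened that connection.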