Firewall Communication: If you are connected to the internet, your traffic likely passes through a firewall.
Usage Locations: Home, office, operating systems.
Functionality: Controls traffic flow between two points, managing inbound and outbound network traffic.
Importance: Especially critical in large environments with many users.
Applications of Firewalls
Access Control: Controls website or content access in corporate or home settings.
Security Enhancement: Adds layers of security controls such as antivirus and anti-malware.
Types of Firewalls
Network-Based Firewall
Traditional Firewalls: Use a purpose-built appliance to control traffic, typically at OSI layer 4 (TCP/UDP port numbers).
Next Generation Firewalls (NGFW): Operate at OSI layer 7 (application layer) to manage traffic based on application usage.
Unified Threat Management (UTM) Device
Features: Includes URL filtering, content inspection, malware identification, spam filtering, and WAN connectivity.
Drawbacks: Often limited to layer 4 operations; performance issues when multiple capabilities are enabled.
Next Generation Firewall (NGFW)
Functionality: Operates at OSI layer 7, can perform deep packet inspection, and make forwarding decisions based on application data.
Capabilities: Can allow/block specific traffic (e.g., Microsoft SQL Server, social media restrictions).
Vulnerability Management: Acts as an intrusion prevention system with URL categorization and specific site blocking.
Web Application Firewall (WAF)
Purpose: Analyzes web app input, allowing or disallowing traffic based on input characteristics.
Common Use: Inspects HTTP/HTTPS traffic, blocking SQL injection and cross-site scripting.
Co-Usage: Often used alongside NGFWs.
Firewall Applications and Examples
Web Application Firewall Log: Displays blocked web-based attacks, such as SQL injection, with details on attack identification and source.
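An added example, not part of the original notes: a minimal sketch of how a WAF inspects web app input and writes a log entry carrying the attack identification and the source. The rule IDs, patterns, log fields and sample requests are constructed for illustration; production WAF rule sets are far broader.

```python
import re
from urllib.parse import unquote_plus

# Hypothetical rules: (rule id, attack name, pattern). Simplified on purpose.
RULES = [
    ("R-1001", "SQL injection",
     re.compile(r"'\s*(?:or|and)\s+[\w']+\s*=\s*[\w']+|\bunion\s+select\b", re.I)),
    ("R-2001", "Cross-site scripting",
     re.compile(r"<\s*script\b|<[^>]+\bon\w+\s*=", re.I)),
]

# Constructed sample requests (documentation-range source addresses).
# A layer 4 firewall sees the same destination port for all three;
# only inspection of the input itself tells them apart.
SAMPLE_REQUESTS = [
    {"src": "198.51.100.7", "path": "/search", "query": "q=firewall+basics"},
    {"src": "203.0.113.45", "path": "/login",
     "query": "user=admin%27+OR+%271%27%3D%271"},
    {"src": "203.0.113.45", "path": "/comment",
     "query": "text=%3Cscript%3Ealert(1)%3C/script%3E"},
]

def inspect(request):
    """Return a log record: BLOCK on the first matching rule, else ALLOW."""
    # Decode URL-encoding first so the rules see what the application would see.
    decoded = unquote_plus(request["query"])
    for rule_id, attack, pattern in RULES:
        if pattern.search(decoded):
            return {"action": "BLOCK", "rule": rule_id, "attack": attack,
                    "src": request["src"], "uri": request["path"]}
    return {"action": "ALLOW", "rule": None, "attack": None,
            "src": request["src"], "uri": request["path"]}

def format_log(rec):
    """Render a record as one log line (constructed format)."""
    return (f'{rec["action"]} src={rec["src"]} uri={rec["uri"]} '
            f'rule={rec["rule"]} attack="{rec["attack"]}"')

def blocked_by_source(requests):
    """Group blocked attack names by source address for triage."""
    summary = {}
    for rec in map(inspect, requests):
        if rec["action"] == "BLOCK":
            summary.setdefault(rec["src"], []).append(rec["attack"])
    return summary

if __name__ == "__main__":
    for req in SAMPLE_REQUESTS:
        print(format_log(inspect(req)))
```

Pattern rules like these produce false positives on legitimate input, which is one reason WAF logs are reviewed and rules tuned rather than left at defaults.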
Conclusion
Firewalls are integral for controlling and securing network traffic, offering various functionalities across different types and configurations. They play a crucial role in maintaining network security and compliance with industry standards.