What is a Firewall?

Vishnu Shivalal P
4 min read · Sep 13, 2022

A firewall is a system designed to prevent unauthorized access to a private network by filtering the traffic that comes from the internet. It blocks unwanted traffic and permits wanted traffic. The purpose of a firewall is to create a safety barrier between a private network and a public network.

A firewall works by filtering incoming network packets according to rules created by the admin. These rules are also called an Access Control List.

Firewall rules can be based on :-

  • IP Addresses
  • Domain Names
  • Protocols
  • Programs
  • Ports
  • Keywords

Types of Firewall

1. Host Based Firewall

A host based firewall can also be called an Application Level Firewall. It is firewall software installed on a single computer. This type of firewall is a granular way to protect an individual host from viruses and malware, and it also helps to control the spread of harmful infections throughout the network.

For example :- ZoneAlarm, OpenSnitch.

2. Network Based Firewall

A network based firewall is a combination of hardware and software, or it can be hardware only. This type of firewall operates at the network layer. Network based firewalls protect the entire network. A firewall can be a standalone product (used in large organizations), a router with a firewall (used by small organizations), or it can be deployed in cloud infrastructure.

For example :- Cisco Firepower 1000 Series, Fortinet FortiGate NGFW.

(a) Packet Filtering Firewall

A packet filtering firewall operates at points where devices like routers and switches work. It doesn't route packets, but instead compares each packet to a set of criteria like allowed IP addresses, packet type, port number, etc.

(b) Circuit Level Gateway Firewall

A circuit level gateway firewall monitors TCP and other network protocol messages and checks whether the session is legitimate or not. If a remote system can be trusted, this firewall won't inspect the actual data.

(c) Stateful Inspection Firewall

A stateful inspection firewall examines each data packet, and it also keeps track of whether or not the packet is part of an established session. This type of firewall offers more security than the Packet Filtering Firewall and the Circuit Level Gateway Firewall. A stateful inspection firewall can also increase network performance.
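The difference between packet filtering and stateful inspection, as an added example that is not code from the original article. The rule list, the addresses and the packet fields are constructed for illustration: the packet filter judges every packet alone against a first-match Access Control List, while the stateful firewall also allows packets that belong to a session opened by an allowed SYN.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str = ""   # TCP flags: "S" = SYN, "SA" = SYN+ACK, "A" = ACK

# Constructed ACL: (action, source network, destination network, dest port or None)
ACL = [
    ("allow", "10.0.0.0/24", "0.0.0.0/0", 443),   # inside hosts may reach HTTPS
    ("deny",  "0.0.0.0/0",   "0.0.0.0/0", None),  # everything else is dropped
]

def acl_action(pkt, acl=ACL):
    """Stateless packet filter: the first matching rule decides."""
    for action, src_net, dst_net, dport in acl:
        if (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(src_net)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(dst_net)
                and dport in (None, pkt.dport)):
            return action
    return "deny"

class StatefulFirewall:
    """Packet filter plus a table of sessions opened by allowed packets."""
    def __init__(self, acl=ACL):
        self.acl = acl
        self.sessions = set()

    def handle(self, pkt):
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if key in self.sessions or reverse in self.sessions:
            return "allow"    # part of an established session
        # A new session must start with a bare SYN and pass the ACL.
        if pkt.flags == "S" and acl_action(pkt, self.acl) == "allow":
            self.sessions.add(key)
            return "allow"
        return "deny"
```

With only these two rules the stateless filter drops the server's reply, so it would need an extra rule that admits inbound traffic from port 443 in general; the stateful firewall admits only the reply that matches a tracked session.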

(d) Application Level Gateway Firewall

An Application Gateway or Application Level Gateway (ALG) is a firewall proxy which provides network security. This firewall type filters packets according to their intended service as well as other characteristics. Application level gateway firewalls are considerably secure but provide only medium network performance. This type of firewall acts as a relay of application level traffic. The proxy obtains information from the user end and relays it to the server, and only allowable applications can pass through.

(e) Unified Threat Management Firewalls (UTM FW)

This technology was developed to overcome the risk of deploying and maintaining multiple security tools. A UTM firewall is a single security appliance. This type of firewall is best in threat detection and prevention, and it combines the functions of the SMLI (Stateful Multi Layer Inspection) firewall with intrusion prevention and antivirus. Additional services like cloud management may be included under the UTM umbrella of services.

Features of UTM :-

  • Antivirus
  • Antimalware
  • Firewall
  • Intrusion Detection
  • Intrusion Prevention
  • VPN

For example :- WatchGuard Firebox UTM M290 & M390, Allied Telesis UTM AR3050S & AR4050

(f) Next Generation Firewall (NGFW)

A next generation firewall is a combination of packet inspection, stateful inspection, some variety of deep packet inspection, and other security features like intrusion detection and intrusion prevention, malware filtering and antivirus. It is a usual firewall with more security features.

Features :-

  • Custom policy and management
  • Inspection of incoming and outgoing network traffic
  • Application awareness and control
  • Integrated intrusion prevention
  • Cloud delivered threat intelligence
  • Blocks modern threats such as advanced malware and application layer attacks.

Benefits :-

  • Breach prevention and advanced security
  • Comprehensive network visibility
  • Flexible management and deployment options
  • Automation and product integrations.

For example :- Palo Alto Networks PA-Series NGFW, Forcepoint NGFW Models

Written by Vishnu Shivalal P

Cyber Security Engineer | Bug Hunter | Security Researcher | CTF Player | PenTester | Security Enthusiast | TryHackMe Top 1% www.linkedin.com/in/vishnushivalalp