How Firewalls Work

fortinet updates

Firewalls were first developed in the late 1980’s as the internet was growing in popularity and security became a concern.

The Evolution of Firewalls

Access Control Lists (ACL) were typically installed on routers. ACL could efficiently scan through a vast amount of information but were limited because they only read the headers of packets (small chunks of data), which offered only basic information.

Proxy Firewalls act as an intermediary between your computer/network and the internet. Proxy firewalls imitate the intended recipient, retrieve, scan and approve data before delivering it to the destination computer. It is considered one of the safest firewalls because it is the only networked machine that interacts directly with the internet, but this comes at the expense of speed and functionality.

Stateful Inspection Firewalls have the ability to monitor and classify all incoming and outgoing traffic on the connection until the connection closes. For this reason it’s considered the next major evolutionary step for firewalls.

Unified Threat Management (UTM) Solutions consolidates stateful inspection firewalls, anti-virus software, anti-spam and an Intrusion Prevention System (IPS) in a single appliance. UTMs are able to enforce security procedures at the port, application and protocol level. They also incorporate packet-filtering, virtual private networks (VPN), network address translation (NAT) and URL blocking along with a number of other features built-in to increase security.

(NGFW) have the same capabilities of UTMs but at a much greater capacity. They are built with advanced processing and more robust hardware. They are designed to efficiently process enormous amounts of data and keep up with the increasing flow of traffic. Most large networks use NGFW as they are proven to be the most efficient and effective against online attacks without cost to the speed of the connection.

It is important to note that even with an effective firewall in place a reliable anti-virus software is still necessary to protect each machine from removable media such as DVDs and memory sticks that may be infected with viruses. Also, your firewall may or may not completely protect against Trojan horses and other viruses sent through email.