How to Select and Use Your Firewall

A Firewall is an inter-network connection device that restricts data communication traffic between two connected networks. Firewall is usually your first (and always one of your main) lines of defence against malicious and anomalous activity. It is a crucial element that keeps out dangers, controls, and monitors activity, accepts, rejects, and drops access.

Current next generation firewalls are way above traditional packet filtering devices used before and provide comprehensive protection against modern threats. This is a necessary element that organisations need to have in place to protect critical assets and processes, including the following:

• Perimeter Protection
• Lateral Movement Risk Mitigation
• Unauthorised Access to Network Resources Prevention
• Network Activity Monitoring and Logging
• Malware/Intrusion Attacks Prevention
• Compliance Requirements & Network Segmentation

To do this, there are a multitude of different types of Firewalls that can be used in different ways, dependent on your business needs, that enable various features.

Different Types of Firewalls Business Can Use

Packet Filtering Firewalls

This is often described as the most basic form of firewall. According to IBM ‘A packet filter has a set of rules with accept or deny actions. When the packet filter receives a packet of information, the filter compares the [header of the] packet to your preconfigured rule set. At the first match, the packet filter either accepts or denies the packet of information.’  

Packet filters are mostly stateless, and considered an older technology, where they do not remember anything about the packets that they previously processed, this makes them particularly vulnerable to spoofing attacks. Attackers can bypass the static packet filter with simple spoofing techniques since the filter cannot tell the difference between a true and a forged address.

Proxy Firewalls

In a definition by TechTarget, ‘A proxy firewall acts as a gateway between internal users and the internet. It can be installed on an organization's network or on a remote server that is accessible by the internal network. It provides security to the internal network by monitoring and blocking traffic that is transmitted to and from the internet.’ It inspects only specific types of traffic and goes deeper to application level.

Stateful Inspection Firewalls

Also known as Dynamic Packet Filtering, a Stateful Inspection Firewall is a network-based firewall, used to track individual sessions of network connections navigating it. Nowadays this type of firewall has almost completely replaced packet filtering firewall on the market, as it has protection against many security flaws which effected its predecessor.

Next Generation Firewalls (NGFW)

Also referred to as a Deep Packed Inspection, a Next Generation Firewall is a type of firewall that can move beyond a port or protocol. According to Gartner, it can ‘add application-level inspection, intrusion prevention, and bringing intelligence from outside the firewall.’

More features demand more management overhead including the technical know-how and skills to truly realize the benefits. Which means you must have the right people, processes, and technology in place for it to be utilised properly.

What Needs to be Protected Within Your Organisation?

Within your organisation there are numerous elements that need to be protected, including the network perimeter, critical assets in data centres and offices. You also need to protect the remote users, and cloud-based resources, as well as the traffic between offices, data centres and the remote users. The best way to do this is to have firewalls in place.

What Next for Your Firewall Management Strategy?  

To implement network segmentation properly you need to define the perimeter, to define critical assets and applications to be segmented, to define compliance requirements, and IT security risks. For more on this, learn from the experts, visit this page for more specifics on Firewall Management.

Free Managed Firewall

SecurityHQs Managed Firewall service is not just about the configuration management, the auditing or optimisation, but also about the security threat monitoring on the device by getting all the policies logged properly, inspecting them, advising around them, doing incident response in real time, and being able to contain threats in real time as well.

Receive a free Firewall Audit, delivered by the SecurityHQ team, on up to 5 firewalls. Secure your systems, receive full network visibility, enforce policies, backed by experts.

About The Author

Eleanor Barlow

Based in London, Eleanor specialises in researching and reporting on the latest in cyber security intelligence, developing trends and security insights. As a skilled Content Manager and experienced named author and ghost writer, she is responsible for SecurityHQ’s content strategy. This includes generating content for the latest articles, press releases, whitepapers, case studies, website copy, socials, newsletters, threat intelligence and more. Eleanor holds a first-class degree in English Literature, and an MA from the University of Bristol. She has strong experience writing in B2B environments, as well as for wider technology-based research projects.

About SecurityHQ

SecurityHQ is a Global MSSP, that detects, and responds to threats, instantly. As your security partner, we alert and act on threats for you. Gain access to an army of analysts that work with you, as an extension of your team, 24/7, 365 days a year. Receive tailored advice and full visibility to ensure peace of mind, with our Global Security Operation Centres. Utilize our award-winning security solutions, knowledge, people, and process capabilities, to accelerate business and reduce risk and overall security costs.