In computing, a firewall is a network security system that monitors incoming and outgoing network traffic. Based on a defined set of rules, it decides whether to allow or block specific traffic. A firewall establishes a barrier between internal trusted networks and external untrusted networks, such as the Internet.
Packet filtering firewall
This is the oldest type of firewall. Packet filters compare each data packet received against certain criteria and do not forward the troublesome ones.
This type of firewall checks network protocol session initiation messages between the local and remote hosts. By determining whether the session being initiated is legitimate, it decides whether the remote system can be trusted. It does not inspect the data packets. Circuit-level gateways are generally used together with application-level gateways.
This type is also known as a proxy firewall. It combines essential packet detection with session-level criteria in a simple framework. This system can both block access to harmful sites and prevent data leakages from within the firewall. It can, on the other hand, cause delays in communications.
Stateful inspection firewall
This system examines each packet alongside tracking the state of each network session, based on pre-established criteria. Although it offers better security than a packet filter or a circuit-level gateway, it can interfere with the speed of network communications. Stateful inspection firewalls can be effective against denial-of-service attacks. However, these do not provide authentication capabilities to make sure the traffic sources are not spoofed.
Next-generation firewall (NGFW)
An NGFW typically combines packet and stateful inspection with deep packet inspection (DPI). In addition to the capabilities of older firewall types, NGFWs can block modern threats such as advanced malware and application-layer attacks. NGFWs work best integrated with other security systems and are essential for heavily regulated industries, such as healthcare.
No security product can perfectly identify the intent of all content. But advances in security technology enable applying known patterns from the previous attacks on other systems. As different firewalls function differently, the enterprises may need to combine several types to better safeguard their systems.