What is Firewall Protection?

Network firewalls have been in operation since the late ’80s and have been a first line of defense in network security for over 25 years. It is their task to protect the corporate network from the Internet. Network firewall security monitors network traffic and acts as a barrier to allow non-threatening traffic in and keep threatening traffic out. A firewall can be hardware, software as a service (SaaS), public cloud, or private cloud (virtual).

The Internet is a beehive of cybersecurity threats such as malware, phishing, viruses, and ransomware. Thanks to an army of cyber criminals, modern businesses need to continually advance their cybersecurity posture to stay protected.

Types of Firewalls

  • Packet Filtering: The cheapest and quickest way to analyze and distribute a small amount of data according to filters standards.
  • Proxy Service: Network security systems that protect while filtering messages at the application level.
  • Stateful Inspection: Dynamic packet filtering that monitors active connections to determine which network packets to allow through the Firewall.
  • Next Generation Firewall (NGFW): The most advanced firewall protection that blocks modern threats such as advance malware and application layer attacks.

The Network Firewall

Connecting the network with the Internet isn’t as easy as it looks.

Download our eBook. This new approach to networking comprises a set of truly integrated, cloud-managed security services delivered on-prem or in the cloud with centrally managed security. Learn how to:

  • Reduce complexity and operational overhead
  • Deliver ease of use/transparency for users
  • Enhance security with zero-trust network access

Next Generation and Cloud-Based Firewalls Muddy the Water

By definition, SWGs (Secure Web Gateways) and NGFWs (NextGen Firewalls) have a very similar purpose.  They prevent suspicious traffic from entering or leaving the network. DNS (URL filtering), DLP (Data Leakage/Loss Prevention), application-level awareness, and detection of malware are some of the key features promoted by secure web gateway providers.  At the same time, network firewall providers make similar claims.

Not all secure web gateways and network firewalls can perform all those services, nor should they.  This is a heavy burden for a single system, especially if the organization has a high volume of internet traffic.  Performance may be improved and latency reduced by spreading security services across multiple devices – network firewalls and secure web gateways.  The network firewall may be performing DPI (Deep Packet Inspection) and SSL scanning while the gateway is delivering DLP (Data Loss Protection) and URL filtering.

The challenge is that an architecture with two or three separate processes, each with its own inspection, discovery, and action is likely to be more accurate but may induce latency if the processes are serial in nature.

Open Systems Network Firewall Security

A next-generation network firewall and secure web gateway may be able to provide the cybersecurity posture you require. For performance-sensitive and distributed networks, a more comprehensive and holistic cybersecurity stack may be more suitable.

Contact our customer advocates and learn about our single-pass cybersecurity architecture and SASE services.