Types of Firewalls
The Firewalls are generated by people’s need for security of network. There are main three types of Firewalls: Network Layer Firewalls, Application Layer Firewalls and Database Firewalls.
Network Layer Firewalls
The Network Layer Firewalls can be regarded as an IP packet filter, operating in the underlying TCP / IP protocol stack. We can enumerate only allow packets that match certain rules to pass through, and the rest are forbidden to traverse the firewall (except for viruses, which do not prevent viruses from intruding). These rules can usually be defined or modified by the administrator, but some firewall devices may only apply built-in rules.
We can also formulate firewall rules in a different, more loose way, so long as the packets do not fall under any of the "negative rules." Most operating systems and network devices have built-in firewall features.
Newer firewalls can filter for various attributes of a packet, such as source IP address, source port number, destination IP address or port number, and service type (such as HTTP or FTP). It can also be filtered via communication protocols, TTL values, domain names of origin, or network segments, etc.
Application Layer Firewalls
The Application Layer Firewalls work on the "application layer" of the TCP / IP stack, and the data streams that you generate when using your browser or when using FTP belong to this layer.
Application-level firewalls can block all packets in and out of an application and block other packets (usually dropping packets directly). In theory, this type of firewall completely blocks the flow of external data to protected machines.
By monitoring all the firewall packets and find out the content of non-compliant rules, you can prevent the rapid spread of computer worms or Trojans. However, in terms of implementation, this method is complicated (there are thousands of software!), so most of the firewall will not consider this approach to design.
The XML Firewall is a new type of application layer firewall. According to different emphasis, it can be divided into: packet filtering firewall, application layer gateway firewall, and server type firewall.
Database Firewalls
The Database Firewall is a database based on database protocol analysis and control technology security system.
It’s based on the active defense mechanism, to achieve the control of the database access behavior, blocking dangerous operations, suspicious behavior audit.
The Database Firewalls through SQL protocol analysis, according to the premeditated prohibition and licensing strategy, to allow the passage of legitimate SQL operations to block illegal operations, and build a database of peripheral defensive circle, to achieve the active prevention of SQL dangerous operations and real-time audit.
The Database Firewalls, facing the external invasion, provide SQL injection prohibited and database virtual patch function.
Tips: 5 Donts when selecting the Firewalls
Since there are various types of firewalls, which one is best for your network? Here are tips you must don’t do.
- Don’t believe the experimental data too much.
There are some spec of one firewall, such as throughput, Antiviral function, and so on. However, we can’t believe these data too much because they are only some Experimental Data.
In other words, it is based on a relatively reasonable number of interference factors. However, to be honest, the network environment of any one company today can’t reach the level of their testing products. When the number of business hosts more, if fragmented unreasonable, it will result in more Internet radio, then also affect the final effective throughput.
- Don’t choose the firewalls which have extra features.
The competition of the firewall market is more and more fierce. Therefore, firewall vendors in order to provide their own products in the market competitiveness, often integrate more features in their own firewall products, to increase the selling point of the market.
On the one hand, we need to know if these additional functions are needed. There are some firewall products will integrate VPN and other functions. However, whether companies need this feature? Network administrators need to consider, because the VPN service can be implemented not only on the firewall, but also on the router.
On the other hand, some additional features consume firewall resources. These extra functions will make the firewall speed become lower.
- Don’t ignore your companies’ needs.
Many network administrators have a bad habit when choosing network equipment. They do not first consider what needs to be achieved in the end enterprises, but first to examine the network equipment. They firstly examine the firewall market to see the differences between the various firewall products, what can be achieved and so on. However, they ignore the needs of their companies.
- Don’t trust the reviews too much.
We only take those reviews website and forums for references because there may be some ads on these places. Not all the reviews are true.
- Don’t trust the brands too much.
It’s no doubt that Cisco is the best brand of network products. Whether it is a firewall or router, are the best in the industry. Some people even think of it as a compass in the network equipment market, and develop behind its ass. However, its price is also the highest in the industry.
For some wealthy businesses, it may be not a problem. Hundreds of thousands of dollars of network equipment, they do not blink their eyes, just buy them. However, for some relatively tight capital of the enterprise, the price is the first thing to consider.
In short, we need to choose the firewalls with the best price and suitable functions.