FIREWALL

FIREWALL

What is a FIREWALL?

A firewall is a network security device or software that monitors and controls incoming and outgoing network traffic based on predefined security rules. Its primary purpose is to create a barrier between a trusted internal network and untrusted external networks, such as the internet, to prevent unauthorized access and cyber threats.

HARDWAREAND SOFTWARE FIREWALL

TYPES OF FIREWALL

Packet Filtering Firewall

Stateful Inspection Firewall

Proxy Firewall

Next-Generation Firewall

Unified Threat Management (UTM) Firewall

Packet Filtering Firewall

🔹 How It Works: Examines network packets' headers (IP address, port number, protocol) and allows or blocks them based on predefined rules.The firewall examines the packet header, which includes the source and destination IP addresses The firewall also examines the source and destination port numbers The firewall compares the packet's attributes to a set of predefined rules If the packet matches an allowed rule, it's permitted to pass through If the packet doesn't match an allowed rule, it's blocked 🔹 Pros: Fast and simple, uses minimal resources. 🔹 Cons: Cannot inspect packet contents, making it vulnerable to advanced threats. 🔹 Use Case: Small networks needing basic protection.

index

Stateful Inspection Firewall (Dynamic Packet Filtering)

🔹 How It Works: Tracks active network connections and makes filtering decisions based on the state of the connection. Tracks the state of active connections Analyzes incoming traffic for potential threats Blocks traffic that doesn't match a known active connection Scans unfamiliar packets against security policies Examines the behavior of data packets Filters out suspicious data Catalogs patterns of behavior🔹 Pros: More secure than packet filtering as it verifies the context of traffic. 🔹 Cons: Can be resource-intensive, affecting performance. 🔹 Use Case: Enterprises needing stronger security without deep inspection.

index

Proxy Firewall (Application-Level Gateway)

🔹 How It Works: Acts as an intermediary between users and the internet, filtering traffic at the application layer. A user requests access to the internet The proxy intercepts the request The proxy evaluates the request against security policies If the request is permitted, the proxy establishes a connection to the requested service The proxy analyzes the traffic for security threats The proxy applies security filters and blocks malicious threats The proxy completes the connection to the external server🔹 Pros: Deep packet inspection, prevents direct contact with malicious sources. 🔹 Cons: Can slow down network speed due to heavy processing. 🔹 Use Case: Organizations requiring high security, such as financial institutions.

index

Next-Generation Firewall (NGFW)

🔹 How It Works: Combines traditional firewall functions with advanced features like deep packet inspection (DPI), intrusion prevention (IPS), and application awareness. NGFWs examine the contents of data packets, not just the headers. This allows them to identify malware and other threats. NGFWs detect network behavior that indicates an attack or data leak. NGFWs analyze large amounts of data to identify patterns and predict potential threats. NGFWs can identify and block risky apps. NGFWs can apply intrusion prevention systems (IPS), antimalware, and sandboxing. NGFWs can use cloud-delivered threat intelligence to stay ahead of attackers. 🔹 Pros: Provides comprehensive protection against modern cyber threats. 🔹 Cons: More expensive and complex to manage. 🔹 Use Case: Enterprises and businesses needing top-tier security.

index

Unified Threat Management (UTM) Firewall

🔹 How It Works: An all-in-one security solution integrating firewall, antivirus, intrusion detection/prevention, content filtering, and VPN. UTM firewalls examine all data entering and exiting the network. UTM firewalls can detect malware, phishing, and other cyberthreats. UTM firewalls can block malicious traffic from entering or exiting the network. UTM firewalls can automatically update with the latest security definitions and features. UTM firewalls provide a central management console for security administrators. 🔹 Pros: Easy to manage, cost-effective for small to medium businesses. 🔹 Cons: May not be as powerful as specialized security solutions. 🔹 Use Case: Small and medium-sized businesses looking for simple security management.

index

SOPHOS

FORTINET

01

03

Fortinet, an American multinational cybersecurity company, is a major vendor in the network security firewall market. With its broad portfolio of security solutions, including NGFWS, Fortinet offers a comprehensive approach to network security. Companys Firewall solutions are known for their high performance and scalability, making them suitable for large and complex networks.

Sophos, a British multinational cybersecurity software company, is a leading provider of network security solutions for SMBs and enterprise organizations. With its XG Firewall portfolio, Sophos offers a comprehensive approach to network security. Companys Firewall solutions are known for their high performance and advanced threat protection capabilities, making them a popular choice for organizations of all sizes.

Leading Firewall Vendors

CISCO

02

CHECK POINT

04

Cisco, an American multinational technology company, is a leading provider of networking and cybersecurity solutions. With its broad portfolio of products, including NGFWS, Cisco offers a wide range of options to meet the diverse needs of organizations. Companys Firewall solutions are known for their reliability and integration with other Cisco products, making them a popular choice for enterprise networks.

Check Point, an Israeli multinational cybersecurity software company, is a vendor in the network security firewall market. With its innovative threat prevention technologies (TPS), firewall solution checkpoints provide advanced protection against known and unknown threats. Companys Firewall solutions are widely used by government agencies, critical infrastructure providers, and large enterprises.

PRESENTED BY

GABRIELE STAGNO 5G INFORMATICA