Cyber Security
Firewalls have been the first line of defense against network intrusions and attacks for a very long time. “A firewall allows system administrators to implement strict access controls between the trusted internal network and the non-trusted external world” (Murthy, Bukhres, Winn, & Vanderdez, 1998). Firewalls, both hardware and software, monitor incoming and outgoing network traffic and decides whether to allow or block specific traffic based on pre-defined security rules (Cisco, n.d.). The firewalls are generally immune to penetration attacks because of the OS security and hardened software.
There are different types of firewalls technologies used today to secure both wired and wireless networks. A few of them are:
1) Proxy Firewall: This was the old firewall methodology and has been replaced nowadays. A proxy firewall acts for a specific application and serves as a gateway from one network to another. It also provides functionalities like content security and caching by blocking any outside (non-network) connections.
2) Stateful-inspection firewall: These firewalls are the “traditional” firewall being deployed nowadays. A stateful packet-inspection firewall allows or blocks traffic based on state, port, and protocol (Cisco, n.d.). It works on a very contextual basis and monitors all activity from the opening of a connection until it is closed. It filters traffic based on pre-defined rules as well as the broader context from previous connections and packets belonging to the same connection.
3) Next- Generation Firewalls (NGFW): These firewalls involve integrated intrusion prevention, application awareness, and advanced threat-detection and mitigation strategies. They do all the traffic analysis using deep-network introspection technique and therefore are commonly deployed today in all major organizations. The addition of VPNs has also given employees an ability to safely connect to company resources over public Wi-fi systems.
Firewalls cannot protect hosts within the network that connect to the Internet without going through the company firewall. Using an insecure Internet connection outside of the company’s infrastructure can potentially expose the user to many types of attack.
Firewalls also have a poor standard of protection against malware or Trojans. They can however work together with the antivirus solutions to enforce new rules based on observed malware behavior. (The Evolution of Firewalls: Past, Present & Future, 2015)
Firewalls can also potentially expose millions of devices to the risk of attacks from the Internet and the risk of the devices hijacking. Various bugs planted by hackers can possibly take control of the host machine and execute: Theft of private data, Network Morphing or Embedding malicious software into an entire network.
References:
Cisco. (n.d.). What Is a Firewall? Retrieved from Cisco: https://www.cisco.com/c/en/us/products/security/firewalls/what-is-a-firewall.html
Murthy, U., Bukhres, O., Winn, W., & Vanderdez, E. (1998). Firewalls for security in wireless networks. IEEE.
The Evolution of Firewalls: Past, Present & Future. (2015). Retrieved from Information Week: https://www.informationweek.com/partner-perspectives/the-evolution-of-firewalls-past-present-and-future/a/d-id/1318814
https://borncity.com/win/2020/05/18/three-vulnerabilities-in-sophos-cyberoam-firewall-technology/