Today, security breaches have reached a record high, and concern about privacy has grown rapidly. Threats on the internet such as viruses, worms, spyware, spoofing, and malware are destroying business assets and reputations. The damage can be costly, and some data may be impossible to recover. To make things worse, an attack can come from anywhere at any time and is most likely untraceable. One solution a network engineer can consider is implementing a security device such as a firewall to protect the company network from exposure.
Types of Network Firewall
Implementing a network firewall is essential to creating a secure network environment. A network engineer has to be cautious not only about network access coming from outside the corporate network, but also about the network used internally by users and their devices. Any traffic going to or coming from the internet should pass through a firewall that acts as a gateway, accepting or declining the traffic according to the company's defined network security policy. Over the years, firewalls have taken many forms and types, which are used to carry out mission-critical security measures.
Packet Filtering Firewall
A packet filtering firewall, also known as a stateless firewall, is one of the fundamental lower-level (OSI Layer 3) firewalls. “A packet filtering firewall is considered a stateless firewall because it examines each packet and uses rules to accept or reject it, without considering whether the packet is part of a valid and active session” (LabSim Online Labs, 2017). A packet filtering firewall examines the IP packet header for services, VLAN tag, port, source address, and destination address to control the traffic. This Layer 3 firewall uses access lists and filtering rules, and it offers higher performance because of the small amount of data the firewall has to go through.
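The stateless behaviour quoted above can be shown with a small model. This is an added example, not code from the cited sources: the rule format, the addresses, and the `StatefulFilter` contrast class are constructed for illustration, and the contrast with session tracking goes one step beyond the text to show what "without considering whether the packet is part of a valid and active session" means in practice.

```python
import ipaddress
from collections import namedtuple
from dataclasses import dataclass

# Only the header fields the filter inspects (constructed model, not a real packet)
Packet = namedtuple("Packet", "src dst proto sport dport")

@dataclass(frozen=True)
class Rule:
    action: str          # "permit" or "deny"
    src: str             # source network in CIDR form
    dst: str             # destination network in CIDR form
    proto: str
    sports: range
    dports: range

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and p.proto == self.proto
                and p.sport in self.sports and p.dport in self.dports)

LAN, ANY = "192.168.10.0/24", "0.0.0.0/0"           # constructed addressing
HTTPS, HIGH = range(443, 444), range(1024, 65536)
ACL = [
    Rule("permit", LAN, ANY, "tcp", HIGH, HTTPS),   # inside hosts out to HTTPS
    Rule("permit", ANY, LAN, "tcp", HTTPS, HIGH),   # "return" traffic, by header only
]

def stateless_filter(p: Packet, acl=ACL) -> str:
    """First matching rule wins, implicit deny; no memory of earlier packets."""
    return next((r.action for r in acl if r.matches(p)), "deny")

class StatefulFilter:
    """Contrast: inbound packets pass only if they reverse a tracked outbound flow."""
    def __init__(self, outbound_acl):
        self.acl, self.sessions = outbound_acl, set()

    def outbound(self, p: Packet) -> str:
        verdict = stateless_filter(p, self.acl)
        if verdict == "permit":                     # remember the expected reply
            self.sessions.add((p.dst, p.dport, p.src, p.sport, p.proto))
        return verdict

    def inbound(self, p: Packet) -> str:
        key = (p.src, p.sport, p.dst, p.dport, p.proto)
        return "permit" if key in self.sessions else "deny"
```

The stateless filter needs the second ACL rule to let replies back in, and that rule accepts any inbound packet whose header looks like a reply; the session-tracking variant needs only the outbound rule and drops inbound packets that answer no recorded request.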
Proxy Firewall
A proxy firewall operates at a higher layer than a packet filtering firewall. A proxy firewall is a network security appliance that protects network resources by filtering traffic at the application layer; it may also be called an application firewall or gateway firewall (Rouse, 2017). The proxy firewall can also be referred to as an application-level gateway, which is capable of filtering the content of the data as traffic passes through. A proxy firewall is able to examine a packet through all of its layers. The risk of the proxy firewall is that it can be slow, because inspecting every packet up to layer seven slows processing.
Next Generation Firewall
You may often hear the term ‘UTM’ in the tech industry, which refers to a ‘unified threat management’ device. A UTM includes multiple sets of security features in one firewall. Another term we hear for UTM is ‘Next Generation Firewall.’ A Next Generation Firewall enables administrators to manage applications to enable productivity, and it can scan files of unlimited size across any port without security or performance degradation. High-end Next Generation Firewalls are not limited by the number of simultaneous files or network streams, so infected files do not have a chance to slip through undetected when the firewall is under heavy load (Malecki, 2012). The Next Generation Firewalls on the market today are powerful enough that simultaneous scanning of files does not affect the speed and efficiency of the operating firewall. It is highly recommended to select a firewall that not only grants or rejects network traffic based on an access list but can also inspect traffic and has application-level awareness to meet today’s security standards.
Security has become one of the biggest concerns in the IT world we live in today. We hear of numerous security breaches and of companies' private data being exposed. Damage caused by viruses, worms, spyware, spoofing, and malware has the potential to destroy a business’ assets and reputation. The damage can be costly, and some data may be impossible to recover. Security measures must be taken both inside and outside the company network. Over the years, the firewall has taken many forms to prevent security flaws, and firewalls today can scan network packets for malicious signatures. As a network engineer, it is critical to consider implementing a network firewall to protect the company network.
LabSim Online Labs. (2017). TestOut Network Pro ISBN: 978-1-935080-43-5. Pleasant Grove,
Malecki, F. (2012). Next-generation firewalls: Security with performance. Network Security,
Rouse, M. (2017). SearchSecurity - Proxy firewall. Retrieved from