A firewall is a network security device, a piece of software, or both, that monitors incoming and outgoing network traffic and blocks specific types of traffic according to a defined set of security rules.
Usually categorized as network-based or host-based, these systems, which can be a hardware device, software, or both, create a barrier between a trusted local network and an untrusted outside or public network such as the Internet.
There are several types of firewalls, ranging from early types such as proxy firewalls, stateful inspection firewalls and unified threat management (UTM) firewalls, to more modern types such as next-generation firewalls (NGFW).
Proxy firewalls were among the first devices to serve as a gateway from one network to another, while the so-called “stateful inspection” firewalls, now considered traditional firewalls, allow or block network traffic based on connection state, port and protocol.
A unified threat management firewall usually combines a network firewall with further security functions such as anti-virus, anti-spyware, anti-spam, content filtering and intrusion detection and prevention systems, as well as remote routing, network address translation (NAT) and virtual private network (VPN) support.
According to Gartner, next-generation firewalls (NGFW) are deep-packet inspection firewalls that include standard firewall capabilities such as port/protocol inspection and blocking, but also add application awareness and control, integrated intrusion prevention, sandboxing and other techniques that address evolving security threats. An NGFW should not be confused with a stand-alone network intrusion prevention system (IPS), which includes some firewall functions but is not as closely integrated.
Some network vendors, such as Cisco, have developed threat-focused NGFWs that provide advanced threat detection and protection.
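The two behaviours described above, a stateful inspection filter that decides on connection state, port and protocol, and the application awareness an NGFW layers on top, can be shown in a small simulation. The code below is an added example written for this article, not code from the page or from any vendor; the rule format, the Packet fields, the payload signatures and all sample addresses and packets are constructed for illustration.

```python
"""Toy stateful packet filter with a simple application-awareness check.

Added example for this article (not the page's own code). It models a
stateful inspection firewall that allows or blocks packets by connection
state, port and protocol, plus a minimal NGFW-style application identifier
that checks whether the payload on a port matches the expected application.
Rule syntax, Packet fields and all sample traffic are constructed.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    proto: str                  # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int
    flags: str = ""             # TCP flags as letters: "S", "SA", "A", "F", "R"
    payload: bytes = b""


@dataclass(frozen=True)
class Rule:
    action: str                 # "allow" or "deny"
    direction: str              # "out" (inside -> outside) or "in"
    proto: str                  # "tcp", "udp" or "any"
    dport: Optional[int] = None # None matches any destination port


def identify_application(payload: bytes) -> str:
    """Tiny signature-based application identifier (stand-in for NGFW DPI)."""
    if not payload:
        return "none"
    if payload.split(b" ", 1)[0] in {b"GET", b"POST", b"HEAD", b"PUT", b"DELETE"}:
        return "http"
    if payload[:2] == b"\x16\x03":      # TLS record header: handshake, version 3.x
        return "tls"
    if payload[:4] == b"SSH-":
        return "ssh"
    return "unknown"


class StatefulFirewall:
    def __init__(self, inside_prefix: str, rules, app_policy=None):
        self.inside_prefix = inside_prefix  # hypothetical inside network, e.g. "10.0.0."
        self.rules = list(rules)            # first match wins; default deny
        self.app_policy = app_policy or {}  # service port -> expected application
        self.sessions: dict = {}            # flow key -> service port of the flow

    def _direction(self, pkt: Packet) -> str:
        return "out" if pkt.src.startswith(self.inside_prefix) else "in"

    def _key(self, pkt: Packet, direction: str):
        # Order the tuple inside-host first so replies map to the opening packet's key.
        if direction == "out":
            return (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
        return (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)

    def _rule_action(self, pkt: Packet, direction: str) -> str:
        for r in self.rules:
            if r.direction != direction or (r.proto != "any" and r.proto != pkt.proto):
                continue
            if r.dport is None or r.dport == pkt.dport:
                return r.action
        return "deny"

    def process(self, pkt: Packet) -> str:
        direction = self._direction(pkt)
        key = self._key(pkt, direction)
        if key in self.sessions:
            # Established flow: port says one application, payload another -> block
            # and drop the state (the "application control" part of an NGFW).
            expected = self.app_policy.get(self.sessions[key])
            if expected and identify_application(pkt.payload) not in ("none", expected):
                del self.sessions[key]
                return "deny"
            if pkt.proto == "tcp" and ("F" in pkt.flags or "R" in pkt.flags):
                del self.sessions[key]   # simplified teardown on the first FIN/RST
            return "allow"
        # New flow: needs an allow rule for its direction, and a TCP flow may only
        # be opened by a bare SYN, so a stray SYN/ACK or ACK from outside is dropped.
        if self._rule_action(pkt, direction) != "allow":
            return "deny"
        if pkt.proto == "tcp" and pkt.flags != "S":
            return "deny"
        self.sessions[key] = pkt.dport
        return "allow"


def demo() -> list:
    """Run constructed sample traffic through the filter; returns the verdicts."""
    fw = StatefulFirewall("10.0.0.",
                          [Rule("allow", "out", "tcp", 80), Rule("allow", "out", "tcp", 443),
                           Rule("allow", "out", "udp", 53), Rule("allow", "in", "tcp", 443)],
                          app_policy={80: "http", 443: "tls"})
    packets = [
        Packet("tcp", "10.0.0.5", 51000, "203.0.113.10", 80, "S"),     # new outbound, allowed
        Packet("tcp", "203.0.113.10", 80, "10.0.0.5", 51000, "SA"),    # reply matches state
        Packet("tcp", "10.0.0.5", 51000, "203.0.113.10", 80, "A", b"GET / HTTP/1.1\r\n"),
        Packet("tcp", "203.0.113.10", 80, "10.0.0.5", 51001, "SA"),    # no state, no rule
        Packet("tcp", "198.51.100.7", 40000, "10.0.0.5", 22, "S"),     # inbound, no rule
        Packet("tcp", "198.51.100.7", 40000, "10.0.0.8", 443, "S"),    # published server
        Packet("tcp", "10.0.0.8", 443, "198.51.100.7", 40000, "SA"),   # server reply
        Packet("tcp", "10.0.0.5", 51002, "203.0.113.10", 80, "S"),     # new outbound
        Packet("tcp", "10.0.0.5", 51002, "203.0.113.10", 80, "A", b"SSH-2.0-x\r\n"),  # SSH on 80
        Packet("tcp", "10.0.0.5", 51002, "203.0.113.10", 80, "A", b"GET / HTTP/1.1\r\n"),  # state gone
    ]
    return [fw.process(p) for p in packets]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The SYN-only rule for opening state is what distinguishes a stateful filter from a plain packet filter: the fourth packet, a SYN/ACK from outside that no inside host asked for, would pass a port-based rule alone but is dropped here. The last two packets show the NGFW-style addition: once the payload on the port-80 flow identifies as SSH, the flow is blocked and its state removed, so even a later well-formed HTTP request on that connection is refused until a new handshake is allowed.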
Future of firewalls: software- and cloud-based alternatives
What made next-generation firewalls (NGFW) attractive to enterprises and network security administrators is that a single, tightly integrated NGFW can replace many separate security devices, including IDS/IPS, web-security and SSL decryption gateways, network proxies and others, reducing network complexity.
Of course, such consolidation also came with significant drawbacks: reduced network functionality and performance, missing features and other general limitations.
Cloud computing and software are reshaping the network, and network security has to follow: many of the well-known network security vendors are pushing toward software-based micro-segmentation tools, such as the Cisco Application Centric Infrastructure (ACI) or VMware’s NSX network virtualization and security platform. There is also a strong focus on cloud services from SaaS providers that can effectively replace an NGFW for certain customers.
Of course, next-generation firewalls (NGFW) won’t disappear overnight and there is still a market for traditional firewall hardware, but networks, and network security with them, are constantly evolving to meet new demands and security threats.