What is a virtual firewall?


"Network firewall" is a common term, and there have been plenty of different types of firewalls, including next-generation firewalls (NGFW). The latest type is the virtual firewall, which is still a firewall, but for virtual machines (VMs) in a virtualized environment.

The network firewall has been around for quite some time. It is a common term for a network security device, a piece of software, or both, which monitors incoming and outgoing network traffic and blocks specific types of traffic based on a defined set of security rules.

Firewalls are categorized as network-based or host-based, and there are several types, including early ones such as the proxy firewall, the stateful inspection firewall, and the unified threat management (UTM) firewall, as well as the more recently popular next-generation firewall.

A virtual firewall is pretty similar to a standard firewall: it is still a device or service that provides network traffic filtering and monitoring, but it is used on virtual machines (VMs) in a virtualized environment. It still inspects packets and blocks specific traffic between VMs based on security policies.

Virtual firewalls are pretty common because they are the least expensive option and are quite portable, so they can be easily moved from cloud to cloud. Virtual firewalls are also quite easy to upgrade and maintain.

A virtual firewall can be used to prevent an unauthorized user from accessing the network, and also to prevent data from being transferred out of the virtual machine.

It has two modes: bridge mode and hypervisor mode. In bridge mode, it monitors all incoming and outgoing traffic from the VM, while in hypervisor mode it operates off the physical network, in the hypervisor kernel, and manages the incoming and outgoing traffic of the VM.

Virtualization and Cloud Computing presentation by Michael Grafnetter

Since virtual firewalls are deployed as software running in a virtualized environment, they have certain advantages as well as drawbacks. While virtual firewalls are less expensive and usually easier to configure than physical firewalls, they can't provide the throughput of a dedicated firewall. And since a physical firewall also resides between the server and the Internet, it allows a further reduction in threats.

Virtual firewalls are usually used to protect cloud infrastructure and services, and can be deployed on the organization's own servers in an infrastructure-as-a-service (IaaS) or platform-as-a-service (PaaS) model. Some virtual firewalls also integrate other network functions such as site-to-site and remote access VPN, QoS, URL filtering and more, which makes them quite versatile.


Slobodan Simic is foremost an IT enthusiast who discovered his knack for writing, which led to becoming both an IT journalist and later an Editor for a number of publications. He has been covering anything from consumer- and professional-oriented hardware to software markets and networks. With a focus on chasing down leads, making sure that fresh content is ready for publishing, as well as keeping up with the ever-growing and evolving IT world, writing has become more of his passion rather than just a job.