What are the types of Firewalls in Computer Network?

A firewall is a network security device that monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of security rules. Its purpose is to establish a barrier between your internal network and incoming traffic from external sources (such as the internet) to block malicious traffic such as viruses and hackers.

There are various types of firewalls in a computer network, each designed to provide different levels of security and functionality:

Packet Filtering Firewalls

Packet filtering firewalls are the most basic type of firewall that operates at the network layer (Layer 3) of the OSI model. They examine each data packet individually and make filtering decisions based on predetermined rules.

These firewalls filter traffic based on:

• Source and destination IP addresses

• Port numbers

• Protocol types (TCP, UDP, ICMP)

Packet filtering firewalls are fast and efficient but provide limited security as they don't inspect the actual content of packets.

Application Level Gateway Firewall

Also known as Proxy Firewalls, these operate at the application layer (Layer 7) and act as intermediaries between internal users and external services. They examine the complete application data rather than just packet headers.

Key features include:

• Deep packet inspection of application content

• Caching capabilities that reduce bandwidth requirements

• Detailed logging of all transferred data

Circuit-Level Gateways

Circuit-level gateways operate at the session layer (Layer 5) of the OSI model by monitoring TCP connections and sessions. They verify the legitimacy of connections without examining the actual data content.

These firewalls are resource-efficient and focus on ensuring that established sessions follow proper TCP handshake procedures, making them suitable for protecting legitimate network sessions.

Stateful Multi-Layer Inspection (SMLI) Firewalls

Stateful firewalls combine packet inspection technology with connection state tracking. Unlike stateless packet filters, they maintain information about active connections and make filtering decisions based on the context of traffic.

They track:

• Connection states (established, new, related)

• Sequence numbers

• Session information

Next-Generation Firewalls (NGFW)

Next-Generation Firewalls combine traditional firewall capabilities with advanced security features. They provide application-aware filtering, going beyond simple port and protocol inspection.

NGFW features include:

• Application identification and control

• Intrusion prevention systems (IPS)

• SSL/TLS inspection

Network Address Translation (NAT) Firewalls

NAT Firewalls allow multiple devices with private IP addresses to share a single public IP address when accessing the internet. This provides an additional layer of security by hiding internal network structure.

NAT firewalls automatically block unsolicited inbound connections while allowing outbound traffic, effectively creating a basic firewall barrier.

Threat-Focused NGFW

Threat-focused NGFWs extend traditional NGFW capabilities with advanced threat detection and automated response mechanisms. They integrate threat intelligence and can adapt to emerging security threats in real-time.

Cloud Firewalls

Cloud firewalls, also known as Firewall-as-a-Service (FaaS), are delivered through cloud platforms and managed by third-party providers. They offer scalable protection for cloud-based infrastructure and remote users.

Comparison of Firewall Types

Conclusion

Firewalls have evolved from basic packet filters to sophisticated threat-detection systems. The choice of firewall type depends on security requirements, performance needs, and network complexity. Modern networks often deploy multiple firewall types in layered security architectures.