What Are the Three Types of Firewalls? (2024)

Table of Contents
What Is a Firewall? What Are the Capabilities and Limits of a Firewall? An Overview of the Three Main Firewall Types Stateless packet-filtering firewall Stateful inspection firewalls Proxy firewalls Firewalls Are Moving to the Cloud Frequently Asked Questions About Firewalls Do I need a firewall? What are the risks of not using a firewall? What are some of the major firewall brands?

Firewalls are an old network security technology.The first firewall was developed in 1989by Jeff Modul of the Digital Equipment Corp. That means that some firewall technologies companies use today are more than 30 years old. While some may see this as outdated, firewalls are a timeless concept.

Key takeaways:

  • Firewalls protect your network from attacks by hackers and malicious software.
  • The three main types of firewalls (packet-filtering, stateful inspection, and proxy) offer progressively more advanced protection levels.
  • Firewalls don’t inspect application-level traffic, which can lead to blocking safe traffic or websites such as YouTube under certain circ*mstances.

What Is a Firewall?

Afirewall is a sort of gatekeeperthat logs, inspects, and sometimes blocks the traffic entering and sometimes leaving your network. The firewall is an old security technology that has evolved to include new capabilities and variations to meet the demands of networks. What started as a manually controlled gatekeeper has turned into a smart inspection tool that exists on local servers and in the cloud.

What Are the Capabilities and Limits of a Firewall?

A firewall is an exceptionally powerful tool for protecting your network but with a few caveats. Firewalls are meant to protect you at the packet level, meaning they handle protocol inspections.

Firewalls can:

  • Log and inspect traffic.
  • Restrict traffic types based on corporate policies.
  • Keep lists of allowed sources of traffic.
  • Block out malicious traffic types or sources.

Firewalls are necessary for protecting your network, but they’re not flawless. I’ll explain why.

Two types of traffic are sent over networks:

  1. User datagram protocol (UDP):A lightweight protocol that doesn’t require any “handshakes” between the device requesting the traffic and the source delivering the traffic. So UDP traffic can stream data like gaming, video, or streaming service sites to recipients. However, this content stream isn’t guaranteed, which occasionally leads to packet loss.
  2. Transmission control protocol (TCP):This protocol requires a handshake (this synchronizes the connection between two points and acknowledges the transfer of packets) between senders and receivers to ensure quality delivery with no packet loss.

The problem with firewalls is that most of them only evaluate traffic on these basic levels without any deeper inspection. This can lead to clumsy attempts at blocking certain actions by halting certain traffic, such as YouTube videos that use UDP. This can affect the delivery of other valid traffic that uses the same protocol. An example is Zoom, which also uses UDP.

Firewalls don’t inspect traffic at the application level, which is why other tools, such as secure web gateways (SWG) were created, which gives security professionals an added layer of control. Think of it this way: A firewall is a sledgehammer. In some cases, a sledgehammer is needed to fix a problem. But, in other cases, a more detailed solution is needed that a firewall can’t handle.

An Overview of the Three Main Firewall Types

Stateless packet-filtering firewall

A packet filtering firewall is the oldest form of firewall. These firewalls live on the edge of a perimeter security-based network and require manual inputs from a security professional to set the parameters for traffic without any learning capabilities. An administrator creates an access control list (ACL) to either allow or deny packets from certain internet protocol (IP) addresses. It’s essentially a “dumb” firewall.

What Are the Three Types of Firewalls? (1)

What makes these firewalls “stateless” is the lack of any packet inspection, source logging, or validation capabilities. The problem with stateless packet-filter firewalls is the implied trust that’s given to IP addresses allowed by administrators. While these firewalls block traffic from denied sources, not all threats originate from malicious addresses.

In some cases, trusted addresses can be hijacked and used to pass along malicious traffic through your perimeter security — all under the nose of a stateless packet filter. Think of this like a trusted mail carrier passing along a package with a bomb in it without building security knowing.

Stateful inspection firewalls

If you’re looking for an upgrade from 1990s capabilities, that would be the stateful inspection firewall.

This firewall type is “stateful” because while it does use access control lists to regulate incoming and outgoing packets, the firewall also inspects packet traffic, logs the relevant data — originating address, packet type, destination, and so on — and compares future traffic against that log to validate it.

Here’s an illustration:

What Are the Three Types of Firewalls? (2)

This firewall operates under the concept of “this traffic was safe before, so if it’s the same, it’s safe now.” While this is an upgrade from using simple ACLs, this type of firewall is prone to two specific vulnerabilities.

The first issue is that stateful inspection firewalls are process-intensive and tend to bottleneck traffic due. This makes them potential targets for distributed denial-of-service (DDOS) attacks.

The second issue is that their inspection is still limited. This makes it possible for hijacked traffic through the firewall so long as the traffic type isn’t unexpected. This makes stateful firewalls vulnerable to “man-in-the-middle” (MITM) attacks where hackers intercept the connection and begin sending altered packets of the same type back through the firewall. Your firewall won’t know that the traffic is malicious since it’ll look like it’s coming from an expected source.

Proxy firewalls

Out of the three firewall types, a proxy firewall is the most secure. The concept works the same as using a middleman to receive sensitive materials, inspecting them at a secure location, then delivering them to you once they are declared “safe.”

Instead of allowing traffic to reach the network perimeter before it’s inspected, a proxy firewall filters packets through a server with a firewall installed:

What Are the Three Types of Firewalls? (3)

Most proxy firewalls employ security capabilities not shared by the last two, such as:

  • Deep packet inspection (DPI):DPI searches for signatures of malware, outgoing sensitive data, and monitors for restricted content, such as unmanaged virtual private network (VPN) traffic or inappropriate websites.
  • Sandboxing:The biggest benefit of a proxy firewall is the distance it creates between threats and your network. This creates a “sandboxing” capability that allows threats to play out in a safe environment that only harms the specific firewall it contacts. Most security infrastructures create redundant proxy firewalls that take over in case one is down.
  • Traffic validation:Like standard stateful firewalls, proxy firewalls also use administrative tools like ACLs and logging to validate traffic from recognized sources.

Firewalls Are Moving to the Cloud

As businesses rapidly shift to the cloud, the demands on the old network perimeter are too much for a standard firewall. Packet filters and stateful firewalls aren’t enough to protect networks, data, and devices from the long list of external and internal threats that exist today.

That’s why firewalls are becoming firewalls as a service (FWaaS). These new firewalls converge with other technologies, such as secure web gateways (SWG), zero-trust architectures, cloud access security brokers (CASB), and other security functions, into a new paradigm known as secure access service edge (SASE) architecture.

This convergence makes firewalls more effective at inspecting traffic and protecting your assets and data from new threats that would otherwise evade your standard packet-filtering firewall.

Frequently Asked Questions About Firewalls

Do I need a firewall?

While almost every computer today has basic built-in protections, your business is vulnerable without the advanced features of a dedicated firewall that covers your network.

What are the risks of not using a firewall?

You’re opening up your network, data, and devices to unnecessary risk if you don’t install a firewall. You have no way of knowing who’s connected to your servers. Someone could take remote control of them and steal vital data.

What are some of the major firewall brands?

Sophos, Check Point, pfSense, FortiGate, Plato Alto, Azure, SonicWall, Cisco, and Huawei are among the best-known firewall makers.

What Are the Three Types of Firewalls? (2024)
Top Articles
Why Do Dogs Watch—and React—to TV?
How does the Enphase Home Energy System work? (EN-IN)
University Of Wyoming, Sublette County 4-H Afterschool in Pinedale, Wyoming (WY)
This Streaming Superstar Met Andrew Tate -- And Started Platforming White Supremacists
Latest Posts
Windows - How to disable the Microsoft .NET Framework
Solar Battery Storage Explained | Save More With Your Store
Article information

Author: Pres. Carey Rath

Last Updated:

Views: 5604

Rating: 4 / 5 (41 voted)

Reviews: 80% of readers found this page helpful

Author information

Name: Pres. Carey Rath

Birthday: 1997-03-06

Address: 14955 Ledner Trail, East Rodrickfort, NE 85127-8369

Phone: +18682428114917

Job: National Technology Representative

Hobby: Sand art, Drama, Web surfing, Cycling, Brazilian jiu-jitsu, Leather crafting, Creative writing

Introduction: My name is Pres. Carey Rath, I am a faithful, funny, vast, joyous, lively, brave, glamorous person who loves writing and wants to share my knowledge and understanding with you.