<aside> <img src="/icons/wall_gray.svg" alt="/icons/wall_gray.svg" width="40px" /> A Firewall is a network security device or software that monitors and controls network traffic based on security rules. It protects networks from unauthorized access and potential threats

</aside>

Screened Subnet (Dual-homed Host)

• Acts as security barrier between external untrusted networks and internal trusted networks using a protected host with security measures like a packet-filtering firewall

Types of Firewalls

Packet Filtering Firewalls

• Inspect packet headers for IP addresses and port numbers
• Limited in inspection, operates at Layer 4 (Transport Layer)

Stateful Firewalls

• Track connections and requests, allowing return traffic for outbound requests
• Operates at Layer 4, with improved awareness of connection state

Proxy Firewalls

• Make connections on behalf of endpoints, enhancing security
• Two Types of Proxy Firewalls
  • Session Layer (Layer 5)
  • Application Layer (Layer 7)

Kernel Proxy Firewalls

• Minimal impact on network performance, full inspection of packets at every layer
• Placed close to the system they protect

Firewall Evolutions

Next Generation Firewall (NGFW)

• Application-aware — distinguish between different types of traffic
• Conduct deep packet inspection and use signature-based intrusion protection