FireWall-1
What is a FireWall?
What do firewalls do?
A firewall is a network security device that ensures that all communications attempting to cross it meet an organization's security policy. Firewalls track and control communications, deciding whether to allow, reject or encrypt communications. Traditionally, firewalls have been designed primarily to provide perimeter access control to network resources. However, firewalls are increasingly being deployed to protect sensitive portions of local area networks and individual PCs. Also, while most firewalls provide effective access control, many are not designed to detect and thwart attacks at the application level. In order to address the increasing threat from application-driven attacks, firewalls must provide comprehensive security on multiple levels. These levels of security should protect against both network and application attacks, while providing robust access control to IT resources.
How do firewalls work?
Historically, three different technologies have been used to implement firewalls: Packet Filters, Application-Layer Gateways and Stateful Inspection. Stateful Inspection, a technology developed and patented by Check Point, has become the de facto industry standard for firewalls. Just as Stateful Inspection has revolutionized firewalls, a new technology introduced by Check Point, Application Intelligence, promises to do the same. Both Stateful Inspection and Application Intelligence are based on Check Point's unique and patented INSPECT technology.
Packet Filters - Packet filters, usually implemented on routers, filter traffic based on packet content, such as IP addresses. They examine a packet at the network layer and are application independent, which allows them to deliver good performance and scalability. However, they are the least secure type of firewall. The reason is that they cannot understand the context of a given communication, making them easier for hackers to break.
Application-Layer Gateways - Application-layer gateways (ALGs) use agents, called application proxies, to improve on security by bringing context information into the decision process. However, every application requires a new proxy, making scalability and support for new applications an issue. As a result, ALGs tend to focus on providing either single application (e.g., web server) attack protection, or application access control without dedicated attack protection. ALGs also tend to have very limited capabilities at the network level.
Stateful Inspection - Stateful Inspection, a technology developed and patented by Check Point, has become the de facto standard for firewalls. Check Point's Stateful Inspection is based upon INSPECT, and extracts the state-related information required for security decisions and maintains this information in dynamic state tables for evaluating subsequent connection attempts. This provides a solution that is highly secure and offers maximum performance, scalability, and extensibility.
Application Intelligence - Application Intelligence is a technology that also is based on INSPECT, and provides a set of advanced capabilities that detect and prevent application-level attacks. Check Point FireWall-1 combines Stateful Inspection and Application Intelligence to offer integrated network and application-level capabilities to deliver comprehensive attack protection and network security.
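The difference between a packet filter and Stateful Inspection described above can be seen in a small simulation. This is an added example, not Check Point's INSPECT code; the packet model, the port-80 policy and the sample traffic are all constructed for illustration.

```python
from collections import namedtuple

# Constructed packet model; direction "out" means internal -> external.
Packet = namedtuple("Packet", "direction src sport dst dport flags")

def packet_filter(pkt):
    """Stateless filter: each packet is judged alone, on header fields only."""
    if pkt.direction == "out" and pkt.dport == 80:
        return "accept"              # internal clients may reach web servers
    if pkt.direction == "in" and pkt.sport == 80 and pkt.dport >= 1024:
        return "accept"              # static rule needed so replies get back in
    return "drop"

class StatefulFirewall:
    """Keeps a dynamic state table of connections opened from the inside."""
    def __init__(self):
        self.state = set()           # entries: (client, cport, server, sport)

    def inspect(self, pkt):
        if pkt.direction == "out":
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if key not in self.state:
                if pkt.dport != 80 or pkt.flags != "SYN":
                    return "drop"    # policy: only new web connections may start
                self.state.add(key)  # remember the connection for later packets
        else:
            key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
            if key not in self.state:
                return "drop"        # inbound packet with no tracked connection
        if "RST" in pkt.flags or "FIN" in pkt.flags:
            self.state.discard(key)  # simplified teardown: forget the entry
        return "accept"

def compare(packets):
    """Return (packet filter verdict, stateful verdict) per packet, in order."""
    fw = StatefulFirewall()
    return [(packet_filter(p), fw.inspect(p)) for p in packets]

# Constructed traffic using documentation addresses (RFC 5737).
SAMPLE = [
    Packet("out", "192.0.2.10", 40000, "198.51.100.5", 80, "SYN"),     # client opens
    Packet("in", "198.51.100.5", 80, "192.0.2.10", 40000, "SYN,ACK"),  # genuine reply
    Packet("in", "203.0.113.9", 80, "192.0.2.10", 40001, "ACK"),       # unsolicited
    Packet("in", "198.51.100.5", 80, "192.0.2.10", 40000, "RST"),      # server resets
    Packet("in", "198.51.100.5", 80, "192.0.2.10", 40000, "ACK"),      # after teardown
]

if __name__ == "__main__":
    for pkt, verdicts in zip(SAMPLE, compare(SAMPLE)):
        print(pkt.direction, pkt.src, pkt.sport, pkt.flags, verdicts)
```

The packet filter accepts all five packets because each one matches a static header rule, while the state table lets through only the packets that belong to the connection the internal client opened.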
To learn more about Stateful Inspection, read Check Point's Stateful Inspection Technology Tech Note (PDF).
Learn more about Application Intelligence.