Stateless vs. Stateful Firewalls
One of the major milestones in the development of early firewalls was the transition from stateless to stateful firewalls. The original, stateless firewalls were not designed to store any information about a particular connection from one packet to the next. This meant that they were capable of catching obvious attacks but missing more sophisticated and subtle ones.
A stateful firewall, first offered by Check Point, stores some information throughout the life of a connection. This enables it to detect more subtle anomalies. For example, a DNS response packet without a corresponding request could indicate an attempted DNS spoofing or amplified Distributed Denial of Service (DDoS) attack. These sorts of attacks would be invisible to a stateless firewall that assumed that any inbound DNS response was the result of a valid request.
Data Center Firewall vs. Cloud Firewall
A more recent and major stage in the evolution of the firewall was the transition from traditional firewalls, designed to protect on-premises data centers, to the cloud or “next-generation” firewall, which is capable of securing modern, cloud-based infrastructure against the current cyber threat landscape.
Traditionally, firewalls were deployed at the network perimeter and performed traffic filtering based upon IP addresses, port numbers, and protocols. These network firewalls were typically designed as standalone appliances that could identify and block attacks targeting anything within the network perimeter. Since organizations operated their own data centers on-site and controlled their network infrastructure, this was a workable approach to network security.
A next-generation firewall incorporates additional features above and beyond those of a traditional firewall, including application inspection, threat prevention, and integrated threat intelligence. A cloud firewall is a next-generation firewall that is designed to protect the modern network, which includes cloud-based infrastructure. Instead of protecting a defined network perimeter that no longer exists in the modern network, cloud firewalls are deployed in cloud environments and protect an organization’s cloud-based applications from attack – wherever they are located.
Essential Features for the Modern Firewall
The main difference between traditional firewalls and a next-generation firewall is that a modern firewall provides a range of features above and beyond simple port and protocol-based traffic inspection. A modern firewall should include certain core functionality that is essential to effectively protecting an organization against cyber threats:
Unified Security Management
Modern companies face a sophisticated and evolving cyber threat landscape and are protecting growing and diverse network environments. A modern firewall should enable security teams to monitor and manage security across their entire network from a single console.
Integrated Threat Prevention
The modern firewall should provide protection against both basic and advanced cyber threats. This requires both core prevention technology – such as anti-virus, anti-malware, and anti-phishing protection – as well as the ability to ingest threat intelligence feeds and use them to identify more sophisticated attacks.
Application and Identity-Based Inspection
Different applications, systems, and users within an organization’s network require varying permissions, levels of access, and security policies. A modern firewall should be capable of identifying the application, system, or user associated with a network flow and applying specific security policies based upon this information.
Hybrid Cloud Support
Almost every enterprise is using a multi-cloud deployment, and the majority of these have hybrid cloud infrastructure. A cloud firewall should be capable of enforcing consistent security policies across an organization’s entire network infrastructure while enabling the security team to manage these policies from a single console.
Scalable Performance
Traditional, hardware-based firewalls do not scale well, making it difficult and expensive for an enterprise to adapt to changing conditions. Modern firewalls should be capable of leveraging cloud technology to rapidly scale to meet the evolving needs of the business that they protect.
Making the Move to a Modern Firewall
Firewalls have undergone a number of stages in their evolution from the original, stateless firewall to the modern, cloud firewall. While earlier iterations of the firewall were capable of protecting an organization against the threats of their day, only a next-generation firewall is capable of providing adequate protection against the modern cyber threat landscape.
Using a firewall without the five core features of a next-generation firewall jeopardizes your organization’s network security. To learn more about these core features and how to make the right choice when selecting a firewall to protect your company and network against cyberattacks, check out this guide. And of course, you’re welcome to contact us or schedule a demo to learn why Check Point firewalls are the best choice for securing your network.
Feedback