Firewall Methods

A firewall is a software or network security system that monitors and controls everything that goes out and enters network traffic based on advanced and defined security rules. In the previous article, the author discussed the definition and explanation of firewalls. Still on the same theme, according to the title of this article, it will discuss firewall methods that are often used. What are these methods? The following is an explanation.

Packet Filtering

The first method is packet filtering, aka packet filtering. Packet filtering firewalls are the oldest and most basic architecture. As quoted in an article written by Eric Dosal, basically this packet filtering performs a simple examination of data packets on routers and switches. Then, after that the information obtained such as port numbers, destination and origin IP addresses, as well as other surface-level information is checked without opening the packet to check its contents. The final step is that if the packet of information after inspection does not pass inspection, then the packet will be discarded.

Stateful Inspection

Next up is stateful inspection or dynamic packet filtering. What is stateful inspection? As quoted in Techopedia, this method compares the most important parts of inbound and outbound data so not just header information. It is used to determine whether information is authorized to cross the firewall into the network. While Dosal mentions that this firewall method combines packet inspection technology and TCP handshake verification to create a greater level of protection.

Circuit-Level Gateways

Circuit-Level Gateways function to verify TCP (transmission control protocol) handshakes because they are designed to ensure that the session of a packet is legitimate. This one method is intended to easily and quickly approve or deny traffic without using significant computing resources.

Proxy Firewall

The next method is a proxy firewall or application-level gateway. This method operates at the application layer to filter incoming traffic between the network and the traffic source. Then sent through other proxy devices or cloud-based solutions. The proxy firewall establishes a connection to the traffic source and checks the incoming data rather than letting the traffic connect directly. This inspection is almost the same as the method in the second point, namely stateful inspection, but the difference is that this proxy firewall performs deep layer packet inspection, checking and verifying if the information packet contains malware.

Application Gateway

The last method is the application gateway or in Indonesian, the application gateway. What does that mean? This application gateway technique uses security methods. This method is applied to certain applications such as Telnet and File Transfer Protocol servers.

Those are the methods generally used by firewalls. If you have a firewall and want to monitor it and don’t know the right tool, NetMonk, a network monitoring application and network monitoring services can be the right tool for your monitoring needs as we explained in the previous article. If you are curious about how our product works, please see our demo here. But if you want to get more information about our products and PoC, please contact our marketing team here.

Reference:

https://personalfirewall.comodo.com/what-is-firewall.html

https://www.techopedia.com/definition/5355/firewall

https://www.compuquip.com/blog/the-different-types-of-firewall-architectures