Firewalls establish a barrier between secured and controlled internal networks that can be trusted and untrusted outside networks, such as the Internet. These are the network security systems (hardware/ software-based) that monitors & controls the traffic flow between the Internet and private network on the basis of a set of user-defined rules.

There are three basic types of firewalls that are used by companies to protect their data & devices. Here is a brief brief introduction about each of these.

Packet Filters

Packet Filter Firewall controls the network access by analyzing the outgoing and incoming packets. It lets a packet pass or block its way by comparing it with pre-established criteria like allowed IP addresses, packet type, port number, etc. Packet filtering technique is suitable for small networks but gets complex when implemented to larger networks. It is to be noted that these types of firewalls cannot prevent all types of attacks. They can neither tackle the attacks that use application layers vulnerabilities nor can fight against spoofing attacks.

Stateful Inspection Firewalls

Stateful Packet Inspection (SPI), which is also sometimes called dynamic packet filtering, is a powerful firewall architecture which examines traffic streams from end to end. These smart and fast firewalls use an intelligent way to ward off the unauthorized traffic by analyzing the packet headers and inspecting the state of the packets along with providing proxy services. These firewalls works at the network layer in the OSI model and are more secured than the basic packet filtering firewalls.

Application-Level Gateway Firewalls

Also called the application level gateways, Proxy Server Firewalls are the most secured type of firewalls that effectively protect the network resources by filtering messages at the application layer. Proxy firewalls mask your IP address and limit traffic types. They provide a complete and protocol-aware security analysis for the protocols they support. Proxy Servers offers the best Internet experience and results in the network performance improvements.