Picking the best firewall software, hardware or application
A comprehensive collection of articles, videos and more, hand-picked by our editors
What are the most sophisticated attacks a firewall can repel by preventing or blocking traffic?
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
It’s important to understand the role firewall network security plays with respect to information security controls. I would encourage enterprise security pros to think of a firewall as one layer in a set of defenses that comprise a defense-in-depth strategy, rather than as a standalone defense that protects against a specific set of attacks. The reality is many potential attacks are thwarted because of the interaction of a series of defenses rather than a single control.
The basic function of firewall network security is to control the traffic passing between two networks and block any undesired traffic. This is often expressed in the philosophy, “block anything that is not explicitly allowed.” A firewall is like a gatekeeper, watching the network and inspecting each packet to ensure it meets network security policy before it is allowed to pass.
In serving this basic role, firewalls prevent many simple attacks from succeeding. They can easily block reconnaissance attacks, such as port sweeps or IP scanning. They also restrict remote access to workstations and servers in enterprise environments, in addition to providing a degree of isolation between a network and the Internet at large. This set up can be thought of as a fence that separates a network from the outside world.
Modern firewalls also incorporate and integrate with other security controls to provide an added level of defense. These include intrusion detection and prevention systems, application-layer scanning, and other advanced defenses that monitor for and block sophisticated attack attempts.
However, firewalls will never protect a network against an insider attack. For example, a firewall placed at the perimeter of a network is not capable of protecting against an attack waged on an internal server by an employee. Similarly, if a firewall is used to segment the data center network from the corporate intranet, that firewall will be unable to prevent more sophisticated attacks like a server-to-server attack. This underscores the importance of a layered defense; an in-depth approach that includes both host-based controls, such as host firewalls and access control systems, in addition to network-based controls.
Related Q&A from Mike Chapple
The PCI SSC extended the deadline for organizations to update TLS encryption standards before announcing PCI DSS 3.2. Expert Mike Chapple examines ...continue reading
Biometric security systems come with many advantages, but do they also come with many regulations? Expert Mike Chapple discusses biometric ...continue reading
A recent FTC lawsuit against Wyndham Hotels highlighted concerns for enterprises that have suffered a data breach. Expert Mike Chapple discusses the ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.