Firewalls are security tools that examine the flow of data packets in and out of the enterprise; they're governed by rules that decide whether that flow is safe, malicious, or questionable and in need of inspection. Some experts argue -- as one in this guide does -- that the firewall is not essential. But if you determine you need firewall protection, that's just the start of the implementation process. Decisions must also be made about which firewall features and policies best suit your company, and about how to test the firewall once it's deployed.
Meanwhile, hackers are getting more sophisticated, and vendors are responding with more advanced firewalls and related products. So you need to know about firewall variants and offshoots: Web-application firewalls, next-generation firewalls, unified threat management, software-defined networking and more.
This guide reviews the state of the firewall, outlines what's ahead in an increasingly virtualized networking world and teaches you the lingo you need to understand it all.
1State of the firewall-
How to choose, implement and manage a firewall
The firewall is a long-established tool to protect a network by controlling incoming and outgoing network traffic via a set of rules that determine whether data packets are safe or not. Setting up firewall protection begins with a simple question: Do you need one or not? If you decide you do, though, then the complications begin. What features should it possess, and what policy should rule it? How can you make it as effective as possible -- and how and how often must you test it to make sure it's doing what it should? This module takes you from the question of whether to implement a firewall to how to make it the best it can be, and also addresses related issues, such as how to get the people using it to make it even stronger.
Assuming the firewall is all you need to be secure is a dangerous idea. In fact, you may even be able to live without one. Continue Reading
Application firewalls: A new innovation
As hackers and their tricks get more sophisticated, firewall vendors are hustling to keep up. One innovation is the application firewall, which includes the Web-application firewall (WAF). An application firewall is -- as the name suggests -- an advanced security tool that blocks attacks to the network at the application level. This section of our guide explains the latest developments in, and pros and cons of, application firewalls in general, and WAFs in particular, and how to make them work well for you.
If application-layer firewalls examine traffic more carefully than traditional firewalls, why isn't everyone deploying them? Continue Reading
Read about the intersection of the three main approaches to testing and ensuring application security: the WAF, code and application scanning, and manual penetration testing. Continue Reading
Next-generation firewalls coming fast
Technology evolves faster and faster, and tech related to firewall protection is no exception. Even as you're implementing your latest firewall tool, you need to keep an eye on the future. Read on to get a grasp on what's coming next in next-generation firewall (NGFW) technology.
What’s coming next? NGFWs that are granular, app-aware and more. Continue Reading
A network security expert guides you through the maze of features and points out the key ones you must have with your NGFW. Continue Reading
The next generation of firewalls is more complex to manage, and has layers of rules and policies to write and track. Continue Reading
Learn how next-gen firewalls offer improved application awareness and granularity to manage or block particular application features. Continue Reading
New firewall products and other developments
Once you have a grasp on firewall protection in general, and the advantages and challenges of the NGFW in particular, you're ready to evaluate specific products and the ways firewall technology relates to other evolving technology, such as unified threat management (UTM) devices. And then there's the question being asked in every part of the high-tech world: What will be the impact of software-defined networking (SDN)?
Learn some firewall lingo
New tech means new terms. This section helps you build up your firewall vocabulary.