The software or hardware systems that control the incoming and outgoing data traffic on your servers, network infrastructure and personal computers and allow or prevent data passage according to the determined filtering policies are called Firewalls.
In terms of filtering preferences, we can talk about two types of firewall structures. The first of these are firewalls that filter to prevent data traffic, and the other is firewalls that filter and regulate data traffic with certain rules. It is entirely up to users’ preferences to determine these filtering policies and access permissions.
What are the Firewall Types?
We can examine firewalls in 2 main categories, which can also be divided into different sub-headings. These;
- Firewalls by Structure
- Firewalls by Architecture
Firewalls by Structure
1. Hardware Firewall
Hardware firewalls are systems that are operated by integrating into the router between a server and a network. It is an ideal option for systems with more than one server, with its ability to manage traffic and distinguish which server is suitable for which filtering rules.
Some of the most important features of hardware firewalls are as follows;
- Intrusion Prevention System (IPS): IPS monitors the network for malicious or unwanted activities and can react in real time to block these activities.
- Anti-Virus / Anti-Spyware / Anti-Malware: Advanced Anti-Virus technology provides real-time protection against multiple attacks on the gateway.
- It supports two types of VPNs (SSL and Ipsec or Site-to-site) with bidirectional content filtering.
- Examines all major protocols like SMTP, POP3, IMAP, FTP, HTTP.
It is possible to list some of its important advantages as follows;
- Speed: Hardware firewalls can handle higher traffic volumes as they are designed for faster response times.
- Security: A firewall with its own operating system is less prone to attacks. This reduces security risks.
- Less Confusion: Hardware firewalls are better managed as they are an isolated network component. In this way, it does not load other applications and does not slow them down. It can also be moved, shut down or reconfigured without much interference to the network.
2. Software Firewall
Software firewalls are installed on individual leased server services and intercept each connection request to determine whether the request is valid or not. Although they have disadvantages in terms of performance, they also have many advantages. Some of these important advantages are;
- Ease of Use: Compared to hardware firewalls, software firewalls are easier to configure and install.
- Flexible: With software firewalls, you can restrict certain applications from the internet. This makes software firewalls more flexible.
- Full Control: Software firewalls offer full control through a user-friendly interface that requires little or no knowledge.
Firewalls by Architecture
1. Packet Filters Firewall
Packet filtering or network layer (Layer 3) firewalls are the most basic type of firewall. Such firewalls receive packets and evaluate them, usually according to predetermined filtering policies and access permissions. As a result of this evaluation, packets can be routed to their destination, dropped, or an error message describing what happened to the source.
2. Stateful Inspection Firewall
Stateful Inspection Firewalls operate at the network layer of the OSI model and monitor both data headers and traffic content. The main difference between packet filters and stateful inspection firewalls is that not only the packet headers are examined, but also the state of the packets by providing proxy services. Stateful inspection firewalls maintain a state table and instruction set for each packet to be inspected and stored by traffic type. It also monitors each TCP connection and remembers which ports are used by that connection. If there is a port that is not required to connect, it closes that port.
3. Application Level (Gateway) Firewall
Application level firewalls are the most common firewalls that increase the overall security of the application infrastructure by preventing attacks that cause service interruption or structural damage to data sources. At the application layer level of the OSI model, it works in two forms, active and passive.
Active application firewalls are the form that controls all incoming requests and is active against known vulnerabilities such as SQL injection, cookie modification and cross-site scripting. Only requests that are considered “clean” will be implemented.
Passive application layer firewalls act similarly to IDS (Intrusion Detection System) in examining all incoming requests for known vulnerabilities, but if a potential attack is found, they do not actively reject or deny those requests.