The eight types of deployable firewalls include traditional network firewalls, unified threat management, next-generation firewalls, web application firewalls, database firewalls, cloud firewalls, container firewalls, and firewalls-as-a-service.
These inform the pros, cons, and the best use cases for each firewall and how each type of firewall delivers a unique solution.
The chart below compares generally-available features with the associated firewall type, but keep in mind all classifications are generalities and some advanced traditional firewalls may perform some malware filtering and some database firewalls may be capable of session filtering.
Traditionally, vendors delivered all firewalls in purpose-built hardware appliances, but now nearly all types of firewalls may be deployed as software ready to be installed as virtual machines or containers.
Virtual firewalls offer improved flexibility, rapid deployment, and a full range of capabilities, from simple-host-based operating system firewalls to full-NGFW capabilities.
Traditional firewalls are known as host-based firewalls when built into operating systems, enterprise network routers, and consumer Wi-Fi routers.
Purchasing low-cost firewalls providing traditional functionality can enable fast and easy firewall protection, but IT teams with more time might prefer open-source software firewalls.
Next-generation firewalls expand on the capabilities of traditional firewalls with more robust inspection of the contents of each data packet.
Protection Level Operations Throughput Vendors Open-Source Options High, but specialized; usually ignores basic firewall functions Medium; application packet inspection takes time, but specialized filtering reduces operations drag Akamai, Barracuda, Citrix, Cloudflare, F5 Networks, Fastly, Fortinet, Imperva, Netscaler, Radware, Wallarm Coraza, ModSecurity, open-appsec, Shadow Daemen Use Cases Common Features.
Database firewalls are a subset of web application firewalls that protect databases.
Cloud-based firewalls may be specialized firewalls or may be fully functional NGFWs.
Container firewalls deliver traditional firewall capabilities and filter traffic in, out, and within the container environment.
Container firewalls can also be integrated with developer operations tools and processes to keep up with agile requirements.
Protection Level Operations Throughput Vendors Open-Source Options High, but specialized; relies upon other firewalls and tools for full protection High; tightly defined allow lists and focused packet inspections keep throughput high Juniper Networks, Palo Alto Networks SUSE, Tigera Use Cases Common Features Pros Cons.
Protection Level Operations Throughput Vendors Open-Source Options High; robust NGFW capabilities delivered at scale and with expansive geographic presence Medium; scalable cloud resources provide power, but FWaaS cannot be optimized and customized to the same level as fully controlled firewall architecture AppTrana, Cisco, Forcepoint, Fortinet, NordLayer, Perimeter 81, SecurityHQ, Zscaler n/a Use Cases Common Features Pros Cons Service provider probably doesn't know the specific security needs of its customers.
All of the types of firewalls above can be purchased or installed.
Some companies may be too small, lack IT staff, or simply want to avoid the hassles of configuring and managing their own firewalls.
FWaaS provides one option for fully-outsourced firewalls in the lowest common denominator form.
Organizations with these additional constraints can hire managed service providers, managed security service providers, and other cybersecurity consultants to purchase, install, configure, monitor, and maintain a diverse array of firewalls.
Not all businesses will need the same types of firewalls.
This Cyber News was published on www.esecurityplanet.com. Publication date: Thu, 04 Jan 2024 19:13:05 +0000