Know Your Network: Firewalls

Enterprise networks can be somewhat complicated. This critical part of an organization’s infrastructure includes several different components that all work in conjunction with one another to support user activities. With a full understanding of each individual piece of the puzzle, IT managers can be better equipped to troubleshoot and optimize their networks for the best performance possible.

In the first part of this ongoing series, we’ll take a look at firewalls, including the history of this security measure, how it has evolved over the years and why it is still an important part of the network today.

Firewall technology is born
According to Computer Weekly, the first firewalls were created in the late 1980s by the Digital Equipment Corporation. These early protection measures could examine a data packet’s properties and decide whether they matched pre-configured rules on fields such as source address, destination address and port numbers. The first firewalls were also able to deflect certain types of traffic and forward or drop packets. These early components functioned at the first four layers of the Open Systems Interconnection model.

While effective at the time, researchers later determined that these firewalls were very resource-intensive, and looked to improve upon this process. This led to the development of circuit-level firewalls, also known as stateful firewalls, first established by Check Point Software Technologies.

Firewall technology was first established in the 1980s, and remains an important part of the network today.

From here, security experts enhanced these protection measures even further, creating more advanced firewalls that delved into the transport layer headers and could establish and update a table of active connections and their statuses. These conditions – new, active or non-existent – were incorporated into the rule-set the firewall uses to determine what to do with each individual data packet. The development of this stateful firewall paved the way for the creation of the packet-filtering firewall, also known as a stateless firewall.
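The two mechanisms described so far, matching packet properties against rules and keeping a table of connections with new, active or non-existent status, can be sketched as follows. This is an added example, not code from the original article or any vendor; the packet fields, rule format, addresses and class names are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    """Simplified TCP packet (constructed for this example)."""
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False
    fin: bool = False

# Constructed rule-set: (source network, destination network, destination port, action)
RULES = [("10.0.0.0/8", "0.0.0.0/0", 443, "forward")]

def match_rules(pkt):
    """Packet-property check: the first rule matching source, destination and port wins."""
    for src_net, dst_net, dport, action in RULES:
        if (ip_address(pkt.src) in ip_network(src_net)
                and ip_address(pkt.dst) in ip_network(dst_net)
                and pkt.dport == dport):
            return action
    return "drop"  # default deny

class ConnectionTrackingFilter:
    """Keeps a table of connections; a key missing from it is 'non-existent'."""
    def __init__(self):
        self.table = {}  # (src, sport, dst, dport) -> "new" | "active"

    def handle(self, pkt):
        fwd = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        rev = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        key = fwd if fwd in self.table else rev if rev in self.table else None
        if key is None:
            # Non-existent: only a SYN that the rule-set allows may create an entry.
            if pkt.syn and match_rules(pkt) == "forward":
                self.table[fwd] = "new"
                return "forward"
            return "drop"
        if key == rev and self.table[key] == "new":
            self.table[key] = "active"  # first reply from the other side
        if pkt.fin:
            del self.table[key]  # simplified teardown: one FIN closes the entry
        return "forward"

def demo():
    fw = ConnectionTrackingFilter()
    syn = Packet("10.1.2.3", 50000, "203.0.113.10", 443, syn=True)
    reply = Packet("203.0.113.10", 443, "10.1.2.3", 50000, syn=True)  # SYN-ACK
    stray = Packet("203.0.113.10", 443, "10.9.9.9", 50001)
    return [match_rules(reply), fw.handle(stray), fw.handle(syn), fw.handle(reply)]
```

The rule check alone drops the server's reply because no rule names it, while the connection table forwards that same reply once the outbound SYN has created an entry, and still drops the stray packet that belongs to no connection.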

Application-level and next-generation
The 1990s saw the development of the first open-source application-level firewall. Finally, the first firewall product was released by DEC in 1991.

“This third generation of firewall technology pushed packet inspection all the way up to the application layer (layer 7),” Computer Weekly contributor Rik Ferguson wrote. “This meant that not only the information pertaining to connection and connection state could be incorporated into a rule-set, but also information relating to the operations being carried out under an individual protocol.”

More than a decade ago, the first next-generation firewalls were developed, which included a range of capabilities such as user authentication, anti-malware, URL filtering and application-level functions. It is this next-generation technology that enabled the innovation that led to today’s firewall technology, which incorporates network intrusion prevention and deep-packet inspection contained in a high-performance hardware platform.


Looking toward the future
InformationWeek contributor Liviu Arsene noted that firewalls are an essential network component as they provide the support needed for user authentication, the enforcement of network security policies and the logging of internetwork activity.

“Companies use firewalls as part of their network-perimeter defense to make security decisions efficiently and protect every host on the private network from outside attacks,” Arsene wrote. “To this end, the company firewall becomes the only zone of risk from Internet attacks, while hosts in the internetwork are kept safe.”

Now, firewalls can be deployed as hardware- or software-based appliances, offering a level of flexibility not seen with previous firewalls. However, there is still room for innovation, particularly where network traffic is concerned. Arsene noted that the firewall of the future needs expanded capabilities for automatically recognizing legitimate vs. illegitimate traffic. This will allow the firewall to better protect against zero-day and other threats in a more streamlined, responsive manner.

In addition, these critical network components must also be able to support high traffic volumes.

“Based on the current adoption of high-speed Internet, one thing is certain: Whether they’re hardware or software, potential firewalls need to be able to filter traffic throughput of at least 10 GB per second in the next couple of years,” Arsene wrote.

Check back later for the next installment of this series where we delve into the function of network switches.
