The History of Firewall Security
The term firewall originated to describe a building wall that offers physical protection from damaging fire. Firewall security technology, first introduced to computer networks in the late 1980s, protects private networks by securing gateway servers to external networks like the internet. Firewalls for Windows, Mac OS or Linux exist to guard any network against hacks, cyberattacks and other unauthorized user access. A firewall can be a stand-alone machine or software in a router or server.
The oldest network firewalls are packet filters that act by inspecting the information packets transferred between computers on a network. Packet filters are “stateless,” meaning that no attention is paid to the state of the connection between machines. This first-generation firewall examines information only in the packet itself (e.g., protocol, address, port number, etc.) and, if it matches a certain set of rules, the filter will reject it and send an error response. Packet filters operate between the network and hardware layers and are adequate for controlling specific types of internet traffic using standard protocols like TCP/IP. Packets filters, although faster and requiring less memory, remain susceptible to IP spoofing attacks.
The second generation of internet firewalls moved beyond the network layer to examine the transport layer as well. Stateful firewalls maintain context about active sessions, and use that state information to speed packet processing. They filter traffic by source and destination IP, ports, services, current stage and other attributes of connection state.
Today’s advanced firewalls operate on the application layer of a network stack. This means they are capable of intercepting all packets travelling to or from running software. Application firewalls apply their filtering rules per process (i.e., to allow or block) instead of filtering connections by port. They understand all browser-based protocols like FTP, DNS and HTTP. By restricting unauthorized processes, these firewalls prevent the spread of malicious computer viruses, worms and trojans that may attempt to install or hijack the application, hardware or network.
Firewall security software typically employs a combination of all these internet firewall technologies to complete deep packet inspection – protecting the entire TCP/IP stack. The latest firewall technologies now emerging integrate different user identities into their filtering rules. Firewall functionality can be shared with complex intrusion prevention systems that defend today’s enterprise networks. Proxy server software routinely hides true network addresses, intercepts all messages entering and leaving the enterprise, and screens them for users according to firewall security policy. However, all these are often not enough to completely prevent security breaches and other exploits of external origin.
Therefore, all firewalls are considered a first line of defense in protecting enterprise data and applications. Databases employ encryption to protect private information from prying eyes. Secure authentication procedures grant network access only to authorized enterprise or mobile application users. Applications can be security tested to expose and eliminate common software vulnerabilities. Veracode helps information security practitioners move beyond network firewalls with secure coding practices that protect applications from the inside out.
See More Veracode Security Solutions
Software Testing Tools
Web Application Security
Static Code Analysis
Source Code Analysis
Web Application Testing
Written by: Neil DuPaul