A firewall (specifically a network firewall) is a network security appliance that monitors as well as controls incoming and outgoing network traffic. It takes action to either block or allow specific traffic based on pre-determined security rules. The very basic purpose of firewall is typically to establish a barrier between a trusted internal network and untrusted outside network like internet and preventing the unauthorized access.
Network Firewalls are positioned on the gateway computers of LANs (Local Area Networks), WANs (Wide Area Networks) and intranets. They are either software appliances running on general-purpose hardware, or hardware-based firewall computer appliances. Firewall appliances may also offer other functionality in addition to protection, such as acting as a DHCP (Dynamic Host Configuration Protocol) or VPN (Virtual Private Network) server for that internal network.
Types of Firewalls – Proxy firewall
An early type of firewall device, a proxy firewall serves as the gateway from one network to another for a specific application. Proxy servers can provide additional functionality such as content caching and security by preventing direct connections from outside the network. However, this also may impact throughput capabilities and the applications they can support.
Stateful inspection firewall
Now thought of as a “traditional” firewall, a stateful inspection firewall allows or blocks traffic based on state, port, and protocol. It monitors all activity from the opening of a connection until it is closed. Filtering decisions are made based on both administrator-defined rules as well as context, which refers to using information from previous connections and packets belonging to the same connection.
Unified threat management (UTM) firewall
A UTM device typically combines, in a loosely coupled way, the functions of a stateful inspection firewall with intrusion prevention and antivirus. It may also include additional services and often cloud management. UTMs focus on simplicity and ease of use.