A firewall’s main purpose is to build a fence (or “wall”) that classifies a private network from incoming external traffic (such as the internet) for the goal of blocking malicious network packets like malware and intrusions.
The numerous prevalent firewall varieties based on modes of operation are
Analyse packets and prevent them from moving on if the specific firewall rule is not listed. Packet filtering firewalls don’t open data packets to inspect their contents. Any data packet that fails the simple inspection is dropped.
Proxy firewalls generally function in the cloud or through another proxy appliance. Instead of permitting traffic to connect directly, a connection to the traffic’s source is established and the data packet is analysed.
Network address translation (NAT) firewalls work by assigning a public address to a group of devices inside a private network. With NAT, individual IP addresses are hidden. Prevents discovering details from the adversaries.
WAF are able to filter, monitor, and block data packets as they travel in and out of web apps. A WAF can either reside on the network, at the host or in the cloud and is typically placed in front of one or many websites or applications.
Next-Generation Firewalls (NGFW) or Unified Threat Management (UTMs) are a combination of various other defensive security strategies combined and provided as a bundle.
- Software-defined wide area networks (SDWAN).
- Gateway-Level Anti-Virus.
- Anti-Spam Filtering.
- Intrusion Prevention Systems (IPS).
- Intrusion Detection Systems (IDS).
- Secure Email Gateways.
- Stateful-Filtering Firewalls.
- Packet-Filtering Firewalls
- Web Application Firewalls.
- Dynamic Packet Filtering Firewalls.
- SSL VPNs or Virtual Private Networks.
A secure web gateway, on the other hand, has some firewall functionality but is not the same as a firewall and only focuses on outgoing web traffic (often restricted to ports 80 and 443
The proxy can act as a Firewall. However, Firewalls is not a proxy. Proxy firewalls, also known as application-level firewalls, filter network traffic at the application layer of the OSI network model. As an mediator between two systems, proxy firewalls monitor traffic at the application layer HTTP and FTP). To discover anomalies in the traffic, both stateful and deep packet inspection are leveraged.
VPNs encrypt traffic between devices so that the session can safely traverse public networks (usually over the Internet) and has been made virtually private.
benefits of pen testing
Ensure to adhere to the Legal, Regulatory and Compliance Requirements in each first-line of defence – Firewalls.
Mitigate the invasion and prevent most unauthorised connection endeavours.
Be Proactive which is synonymous with the Information Security.
Avoid Insider Threats by ensuring there are no Rogue devices to prevent eavesdropping.
Ensure the Firewalls policies are working as envisioned.
Simulates the evasion of Firewalls through various attack-vectors.