Firewall
incoming and outgoing traffic and, based on a defined set of security rules, it accepts, rejects or
drops that specific traffic.
Accept: allow the traffic
Reject: block the traffic but reply with an “unreachable error”
Drop: block the traffic with no reply
A firewall establishes a barrier between secured internal networks and outside untrusted networks,
such as the Internet.
First Generation - Packet Filtering Firewall: A packet filtering firewall controls network
access by monitoring outgoing and incoming packets and allowing them to pass or stopping them
based on source and destination IP addresses, protocols, and ports. It analyses traffic at the
transport protocol layer (but mainly uses the first 3 layers). Packet firewalls treat each packet
in isolation. They have no ability to tell whether a packet is part of an existing stream of
traffic. They can only allow or deny packets based on the individual packet's headers. A packet
filtering firewall maintains a filtering table that decides whether the packet will be forwarded
or discarded. From the given filtering table, the packets will be filtered according to the
following rules:
Second Generation - Stateful Inspection Firewall: Stateful firewalls (which perform Stateful
Packet Inspection) are able to determine the connection state of a packet, unlike packet filtering
firewalls, which makes them more efficient. They keep track of the state of network connections
travelling across them, such as TCP streams. So filtering decisions are based not only on defined
rules, but also on the packet's history in the state table.
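Added example (not part of the original page): a small Python simulation that runs the same four packets through a packet filter that judges each packet alone and through a stateful filter that keeps a state table. Addresses, ports and rule names are constructed for illustration; the state table tracks only the connection 4-tuple and ignores TCP flags and timeouts.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

# Filtering table rows: (source net, source port, dest net, dest port, action).
# None matches any port; first match wins; no match means drop. All values constructed.
OUTBOUND_HTTPS = ("10.0.0.0/24", None, "0.0.0.0/0", 443, "accept")
REPLY_FROM_443 = ("0.0.0.0/0", 443, "10.0.0.0/24", None, "accept")  # stateless workaround
REJECT_TELNET = ("0.0.0.0/0", None, "10.0.0.0/24", 23, "reject")

def match(pkt, rules):
    for src_net, sport, dst_net, dport, action in rules:
        if (ip_address(pkt.src) in ip_network(src_net)
                and ip_address(pkt.dst) in ip_network(dst_net)
                and sport in (None, pkt.sport) and dport in (None, pkt.dport)):
            return action
    return "drop"

def stateless_filter(pkt):
    # Each packet is judged alone, so replies need a standing rule of their own.
    return match(pkt, [OUTBOUND_HTTPS, REPLY_FROM_443, REJECT_TELNET])

class StatefulFirewall:
    def __init__(self):
        self.state_table = set()  # connections that the rules allowed to open

    def filter(self, pkt):
        # A reply is accepted only if it mirrors a tracked connection.
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.state_table:
            return "accept"
        action = match(pkt, [OUTBOUND_HTTPS, REJECT_TELNET])
        if action == "accept":
            self.state_table.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return action

def demo():
    fw = StatefulFirewall()
    request = Packet("10.0.0.5", 50000, "203.0.113.10", 443)
    reply = Packet("203.0.113.10", 443, "10.0.0.5", 50000)
    unsolicited = Packet("198.51.100.7", 443, "10.0.0.9", 8080)  # no matching request
    telnet = Packet("198.51.100.7", 40000, "10.0.0.9", 23)
    packets = [request, reply, unsolicited, telnet]
    return [stateless_filter(p) for p in packets], [fw.filter(p) for p in packets]
```

The two filters differ only on the third packet: the stateless table accepts it because its header matches the standing reply rule, while the stateful filter drops it because no tracked connection explains it.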
Third Generation - Application Layer Firewall: An application layer firewall can inspect and
filter packets on any OSI layer, up to the application layer. It has the ability to block specific
content and to recognize when certain applications and protocols (like HTTP, FTP) are being
misused. In other words, application layer firewalls are hosts that run proxy servers. A proxy
firewall prevents a direct connection between the two sides of the firewall; each packet has to
pass through the proxy. It can allow or block the traffic based on predefined rules. Note:
Application layer firewalls can also be used as Network Address Translators (NAT).
Next Generation Firewalls (NGFW): Next Generation Firewalls are being deployed these days to
stop modern security breaches like advanced malware attacks and application-layer attacks.
An NGFW consists of Deep Packet Inspection, Application Inspection, SSL/SSH inspection and
many other functionalities to protect the network from these modern threats.
Types of Firewall
Host-based Firewalls: A host-based firewall is installed on each network node and controls each
incoming and outgoing packet. It is a software application or suite of applications that comes as
a part of the operating system. Host-based firewalls are needed because network firewalls cannot
provide protection inside a trusted network. A host firewall protects each host from attacks and
unauthorized access.
Network-based Firewalls: Network firewalls function on the network level. In other words, these
firewalls filter all incoming and outgoing traffic across the network. They protect the internal
network by filtering the traffic using rules defined on the firewall. A network firewall might
have two or more network interface cards (NICs). A network-based firewall is usually a
dedicated system with proprietary software installed.
1. Protection from unauthorized access: Firewalls can be set up to restrict incoming traffic
from particular IP addresses or networks, preventing hackers or other malicious actors
from easily accessing a network or system.
2. Prevention of malware and other threats: Firewalls can be set up to block traffic linked
to known malware or other security concerns, assisting in the defense against these kinds
of attacks.
3. Control of network access: By limiting access to specified individuals or groups for
particular servers or applications, firewalls can be used to restrict access to particular
network resources or services.
4. Monitoring of network activity: Firewalls can be set up to record and keep track of all
network activity. This information is essential for identifying and looking into security
problems and other kinds of shady behavior.
5. Regulatory compliance: Many industries are bound by rules that demand the usage of
firewalls or other security measures. Organizations can comply with these rules and
avoid fines or penalties by using a firewall.
6. Network segmentation: By using firewalls to split up a bigger network into smaller
subnets, the attack surface is reduced and the security level is raised.
1. Corporate networks: Many businesses employ firewalls to guard against unwanted access
and other security risks on their corporate networks. These firewalls can be set up to only
permit authorized users to access particular resources or services and to prevent traffic
from particular IP addresses or networks.
2. Government organizations: Government organizations frequently employ firewalls to
safeguard sensitive data and to adhere to rules like HIPAA or PCI-DSS. They might
make use of cutting-edge firewalls like Next-generation firewalls (NGFW), which can
detect and stop intrusions as well as manage access to particular data and apps.
3. Service providers: Service providers, including ISPs, cloud service providers, and hosting
firms, use firewalls to safeguard their networks and the data of their clients.
They might make use of firewalls that accommodate enormous volumes of traffic and
support advanced features such as VPN and load balancing.
4. Small enterprises: Small firms may use firewalls to separate their internal networks,
restrict access to specific resources or applications, and defend their networks from
external threats.
5. Networks at home: To guard against unwanted access and other security risks, many
home users employ firewalls. Many routers have a built-in firewall that can be set up to
block incoming traffic and restrict access to the network.
6. Industrial Control Systems (ICS): Firewalls are used to safeguard industrial control
systems against illegal access and cyber attacks in many vital infrastructures, including
power plants, water treatment facilities, and transportation systems.