Types Of Firewall:
Firewalls can be broadly categorized into the following types:
1. Network Layer And Packet Filters:
The network layer, or Layer 3 in the OSI model, handles routing and forwarding of data packets between devices across networks. It uses IP addresses to determine the best path for data transmission. Network layer firewalls generally fall into two sub-categories:
- Stateful Firewall
- Stateless Firewall
(a) Stateful Firewall:
A stateful firewall operates by maintaining a state table that tracks the state of active network connections. When a packet passes through the firewall, it examines the packet headers to determine whether it belongs to an existing connection or is attempting to initiate a new one.
- Connection Establishment: When a new connection is initiated from inside the network, the firewall allows the corresponding outgoing packet to pass through. It then adds an entry to its state table to track the connection.
- Stateful Inspection: As packets belonging to the established connection traverse the firewall, it compares each packet against the state table to ensure they match the expected characteristics of the connection (e.g., source and destination IP addresses, port numbers, sequence numbers).
- Stateful Decision Making: If the packet matches an existing connection entry in the state table and meets the predefined security policies, it is permitted to pass through. Otherwise, if the packet does not match any existing connection or violates security policies, it is blocked or dropped.
- Connection Termination: When a connection is terminated, either by completing its data transfer or due to timeout, the firewall removes the corresponding entry from its state table to free up resources.
By maintaining awareness of the state of network connections, stateful firewalls provide improved security compared to traditional packet-filtering firewalls. They can distinguish legitimate traffic from malicious attempts to bypass security measures, helping to prevent various types of network attacks such as port scanning, packet spoofing, and session hijacking.
(b) Stateless Firewall:
A stateless firewall evaluates each packet independently, without considering the context of the traffic or the state of connections. It applies predefined rules to individual packets based on criteria such as source and destination IP addresses, port numbers, and protocol types. Each packet is evaluated in isolation, without any knowledge of previous or subsequent packets. This makes stateless firewalls faster and less resource-intensive but less effective at detecting and preventing sophisticated attacks compared to stateful firewalls.
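The contrast between the two sub-categories, as an added example that is not part of the original page: the same constructed traffic is run through a stateless rule set and through a simplified state table. The HTTPS-only policy, the addresses, the 60-second idle timeout and all names are assumptions made for illustration, and the model does not track TCP sequence numbers.

```python
from collections import namedtuple

# Constructed packet model (not a real capture). "out" = inside -> internet.
Packet = namedtuple("Packet", "time direction src sport dst dport flags")

def stateless_allow(pkt):
    """Stateless rules: each packet is judged alone, by port numbers only."""
    if pkt.direction == "out":
        return pkt.dport == 443
    return pkt.sport == 443  # "return traffic" rule with no connection context

class StatefulFilter:
    """Simplified state table mapping a connection 4-tuple to its last-seen time."""
    def __init__(self, idle_timeout=60):  # timeout value is an assumption
        self.idle_timeout = idle_timeout
        self.table = {}

    def allow(self, pkt):
        # Connection termination by timeout: expire idle entries first.
        self.table = {k: t for k, t in self.table.items()
                      if pkt.time - t <= self.idle_timeout}
        if pkt.direction == "out":
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            # Connection establishment: only an outbound SYN to port 443.
            if key not in self.table and (pkt.dport != 443 or pkt.flags != "SYN"):
                return False
        else:
            key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
            if key not in self.table:
                return False  # inbound packet matches no tracked connection
        if "RST" in pkt.flags or "FIN" in pkt.flags:
            self.table.pop(key, None)  # connection termination
        else:
            self.table[key] = pkt.time
        return True

# Constructed traffic: one HTTPS session plus two packets outside any session.
TRAFFIC = [
    Packet(0, "out", "10.0.0.5", 50000, "203.0.113.10", 443, "SYN"),
    Packet(1, "in", "203.0.113.10", 443, "10.0.0.5", 50000, "SYN,ACK"),
    Packet(2, "in", "198.51.100.7", 443, "10.0.0.5", 22, "SYN"),     # unsolicited
    Packet(3, "out", "10.0.0.5", 50000, "203.0.113.10", 443, "RST"),
    Packet(4, "in", "203.0.113.10", 443, "10.0.0.5", 50000, "ACK"),  # after teardown
]

def compare(packets=TRAFFIC):
    """Return (stateless verdict, stateful verdict) for each packet in order."""
    fw = StatefulFilter()
    return [(stateless_allow(p), fw.allow(p)) for p in packets]
```

The stateless rules pass all five packets because the inbound ones carry source port 443, while the state table drops the unsolicited packet and the one arriving after the connection was torn down.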
2. Application Layer Firewall:
An application layer firewall, also known as a proxy firewall, operates at Layer 7 of the OSI model and examines network traffic at the application level. It inspects and filters traffic based on specific applications or protocols, such as HTTP, FTP, or SMTP. By understanding the semantics of application protocols, it can enforce granular security policies and provide advanced protection against application-level threats such as malware, data exfiltration, and unauthorized access.
3. Personal Firewall:
A personal firewall is security software installed on individual computers or devices to monitor and control incoming and outgoing network traffic. It acts as a barrier between a user’s device and the internet, protecting against unauthorized access and potential security threats. Personal firewalls typically provide features such as packet filtering, application monitoring, intrusion detection, and privacy controls. They allow users to customize security settings, block specific applications or ports, and receive alerts about suspicious network activity. Personal firewalls are particularly useful for safeguarding personal computers and mobile devices from malware, hackers, and other online risks, especially when connected to untrusted networks such as public Wi-Fi hotspots.