Firewall Types - CompTIA Security+ SY0-701 - 3.2

The universal security control

Standard issue

- Home, office, and in your operating system

• Control the flow of network traffic

- Everything passes through the firewall

• Corporate control of outbound and inbound data

- Sensitive materials

• Control of inappropriate content

- Not safe for work, parental controls

• Protection against evil

- Anti-virus, anti-malware

Network-based firewalls

• Filter traffic by port number or application

- Traditional vs. NGFW

• Encrypt traffic

- VPN between sites

• Most firewalls can be layer 3 devices (routers)

- Often sits on the ingress/egress of the network

- Network Address Translation (NAT)

- Dynamic routing

UTM / All-in-one security appliance

Unified Threat Management (UTM) / Web security gateway

URL filter / Content inspection, malware inspection, spam filter, CSU/DSU, router, switch, firewall, IDS/IPS, bandwidth shaper, VPN endpoint

Next generation firewall (NGFW)

The OSI Application Layer - All data in every packet

• Can be called different names

- Application layer gateway

- Stateful multilayer inspection, deep packet inspection

• Broad security controls

- Allow or disallow application features

- Identify attacks and malware

- Examine encrypted data

- Prevent access to URLs or URL categories

Web Application Firewall (WAF)

Not like a "normal" firewall

- Applies rules to HTTP/HTTPS conversations

• Allow or deny based on expected input

- Unexpected input is a common method of

exploiting an application

• SQL injection

- Add your own commands to an application's

SQL query

• A major focus of Payment Card Industry

- Data Security Standard (PCI DSS)