The term “firewall” became prominent in the 1980s with the spread of the TCP/IP protocol where creating a barrier from one a trusted internal network and an untrusted external network became necessary.
- First Generation: Packet Filters
They were developed in 1988 by the engineers from Digital Equipment Corporation.Packet filters inspect packets transferred between computers on the internet. The packet includes a set of filter rules so if the packet does not match those rules, then packet filter will drop the packet, or completely reject/discard of it and send an error response the original source.
- Second Generation: "Stateful" Filters
These new set of firewalls were developed in 1989 by Dave Presetto, Janardan Sharma,and Kshitij Nigam, 3 colleagues from AT and T bell laboratories. This new and developed set of firewalls, can be considered an “upgrade” of the previous generation, however these filters have a sense of memory and knowledge and tracks the operating state from each endpoint and is able to characterize specific network connections passing through.
- Third Generation: Application Layer
The third generation known as the application layer released in 1993 that alerts the administrator of a network of any activity that may be suspicious. This form of a firewall was developed as means of control and to monitor what goes in and out of the network from any application or service. The application firewall is used to typically control the traffic within any OSI layer and control certain applications or services that unlike the second generation of “stateful” firewalls was unable to. The application layer controls the communication between devices and presented in a visual form to the user that ensures the receiving device is thoroughly identified and a form of authentication to occur. (Rouse, 2018)
According to Wikipedia, a virtual firewall is “a network firewall service or appliance that runs (running) entirely within a virtualized environment and which provides the usual packet filtering and monitoring provided via a physical network firewall.” (Virtual Firewall,” 2018) This type of firewall manages incoming traffic within the network and prevents any foreign party from accessing private data or any other private information. Typically, this is uploaded or installed onto a single computer to prevent others from gaining access or other foreign entities.Some examples include Apple’s Mac OS X as well as Microsoft Windows that have a built-in virtual firewall already built in their system. (Papiewski, 2015)
A hardware firewall is “a physical device that filters incoming (and outgoing) traffic for your entire network.” (Bischer, 2017) They can be purchased as a stand-alone product and can be found in broadband routers. A hardware or physical firewall is entirely separate from your server but connects to your devices that is attached to a network. One specific fact to note however is that with a hardware firewall, threats are greatly reduced as it is “the firewall that is situated between the server and the internet, and it is the only way for network traffic to pass to and from the protected network.” (Rouse, 2018) However then one must understand the risk as well, as a hardware firewall is the primary source for protection and contains one network, so if this firewall is in some way harmed or effected then the whole network may be harmed. A prime example for hardware firewalls is Linksys WRV200 that according to Cisco “allows up to 10 remote users to connect to your network from home or on the road.”
Which one is better for you?
Comparing both firewalls is very clear in terms of their infrastructure, however one must decide where and when to use which type of firewall. Cost is big factor in deciding which firewall best suits you and how much you or the company are willing to spend in order to protect your information. While both will in fact cost a company or business, a virtual firewall is probably the best method because of the upfront cost being a lot cheaper than for a hardware firewall. (Collins, 2010) One thing to note however is that, with a hardware firewall, threats are greatly reduced as it is “the firewall that is situated between the server and the internet, and it is the only way for network traffic to pass to and from the protected network.” (Rouse, 2018) Another big factor to consider is the response time, as mentioned above, a hardware firewall responds faster to attacks or any unusual activity within the system so taking this into consideration will highly benefit you or any company or corporation. With that being said, having both in a sense makes the most, however comparing both is a good tactic in deciding which one to use and when. Using one versus the other is typically what people use, however if you would like to ensure the safety of your network for a larger business or corporation, using both is recommended however for smaller businesses or for a single use then using a virtual or software firewall is ideal.
Firewalls are designed to ensure the safety and protection of a network that can also prevent from viruses and other attacks. Virtual and hardware firewalls allow for the security and protection of a network in very different ways, so deciding which one you use depends the situation and reasoning for installing a firewall in the first place. The networking security world is a very high and profitable market where the need for protection has become a top priority for not just corporations but for everyone essentially, because privacy in the world today does not exist. However, according to an article on SmallBusiness.Chron.com, “Using a single software firewall along with a router or hardware firewall will strengthen network security without posing any compatibility issues.” (Parson, 2019) By monitoring and regularly noting down any changes that may occur from your firewall whether it be a virtual or a hardware, you can eliminate future threats that may occur and provide for a safe and protected environment within your network. Privacy and security are the primary key components in any business or company, so the use of some form of firewall can greatly reduce the risk of one being able to hack into your network system.