Next-Generation Firewalls
The humble firewall has come a long way since the packet-filtering days, originally founded in the 1980's. These early firewalls operated mainly on the first four layers of the OSI model, intercepting traffic and inspecting the properties of every packet to determine if they matched a pre-configured set of rules. Firewall development did not take a breather between then and the next-generation firewall of today. In fact, the ride from there to here has been largely organic – developments in firewall technology, intrusion detection and prevention, and user or content management have all been assimilated into the unified threat management (UTM) platform of today.
Application-level firewalls took an important leap forward with the release of the first open source firewall, Firewall Toolkit (FWTK) by Trusted Information Systems in 1993, although layer 7 firewalling was again pioneered by DEC, with SEAL the first firewall “product” in 1991.
This third generation of firewall technology pushed packet inspection all the way up to the application layer (layer 7). This meant that not only the information pertaining to connection and connection state could be incorporated into a rule-set, but also information relating to the operations being carried out under an individual protocol, for example allowing a GET request over http, but denying a POST.
TIS commercialised FWTK as Gauntlet Firewall, a product I had the pleasure of working on. Gauntlet firewall was perhaps the first commercially available next-generation firewall, eventually incorporating user authentication, anti-malware, URL filtering and application-level firewalling with customisable application proxies – and all this more than a decade ago.
The layered security model is not going away any time soon. These offerings incorporate formerly discrete technologies, such as user authentication, network intrusion prevention, and more, into a high-performance hardware platform.
The only problem we are left with when it comes to next-generation firewalls is, what do we call the subsequent evolutions?
If you are confused about network security, or need help, we’re here! Give us a call at 954.920.9604 and we'll help you build the right plan for your business. Get the power of worry-free IT today!
