2-Intro to Firewall Concepts

• Traditional Firewall (Stateless)
• Unified Threat Management (UTM)
• Next Generation Firewall (NGFW)
• UTM vs. NGFW
• Internal Segmentation Firewall (ISFW)

Traditional Firewall (Stateless) = Packet Filter Firewall

A traditional firewall filters traffic based mainly on the following parameters:

• Source IP address and destination IP address of the network packets.
• Source port and destination port of the inbound and outbound traffic.
• Current stage of connection.
• Filtering rules on a per-process basis.
• Protocols used.
• Routing features.

Traditional Firewall (F.W)

Other common features of a traditional firewall include support for:

• Routing
• Network Address Translation (NAT)
• Port Address Translation (PAT)
• Virtual Private Network (VPN)

Why Legacy Firewalls Are No Longer Effective?

URL Web Filtering

Classify traffic based on applications, not ports.

Traditional firewalls can filter traffic based on port, but that may prove to be inconvenient at times. (Layers 2 & 3 & 4)

UTM can associate traffic based on application, which enables it to block or monitor network traffic per application and troubleshoot problems based on that. (Layer 7)

Managing Users and Use Policies

Stopping Malware, Intrusions and Advanced Attacks

Intrusion Detection System (IDS)

Intrusion Prevention System (IPS)

Inspecting SSL Traffic

Internal Segmentation Firewall (ISFW) = Data Center Firewall
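
The difference between filtering on ports (layers 3 and 4) and classifying by application (layer 7), shown as an added example that is not part of the original slides. The addresses, rule set, policy and payload signatures are constructed assumptions; real application-aware firewalls use far richer signatures than these three checks.

```python
import ipaddress

# Constructed sample flows: (src_ip, dst_port, first payload bytes).
FLOWS = [
    ("10.0.0.5", 443, b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03"),  # TLS ClientHello
    ("10.0.0.6", 443, b"SSH-2.0-OpenSSH_9.6\r\n"),                       # SSH moved to 443
    ("10.0.0.7", 8080, b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n"),
    ("10.0.0.8", 22, b"SSH-2.0-OpenSSH_9.6\r\n"),
]

# Hypothetical port-based policy (layers 3/4): first match wins, default deny.
PORT_RULES = [
    {"src": "10.0.0.0/24", "dst_port": 443, "action": "allow"},
    {"src": "10.0.0.0/24", "dst_port": 80, "action": "allow"},
]

# Hypothetical application policy (layer 7): unknown applications are denied.
APP_POLICY = {"tls": "allow", "http": "allow", "ssh": "deny"}
HTTP_METHODS = (b"GET", b"POST", b"HEAD", b"PUT", b"DELETE", b"OPTIONS")

def port_filter(src, dst_port):
    """Decide from source address and destination port only."""
    addr = ipaddress.ip_address(src)
    for rule in PORT_RULES:
        if addr in ipaddress.ip_network(rule["src"]) and dst_port == rule["dst_port"]:
            return rule["action"]
    return "deny"

def classify_app(payload):
    """Identify the application from the first bytes of the flow, ignoring the port."""
    if payload.startswith(b"SSH-"):
        return "ssh"  # SSH identification string
    # TLS record: type 0x16 (handshake), major version 3, handshake type 0x01 (ClientHello)
    if len(payload) >= 6 and payload[0] == 0x16 and payload[1] == 0x03 and payload[5] == 0x01:
        return "tls"
    if payload.split(b" ", 1)[0] in HTTP_METHODS:
        return "http"
    return "unknown"

def app_filter(payload):
    return APP_POLICY.get(classify_app(payload), "deny")

def compare(flows):
    """Return (dst_port, application, port-based verdict, application-based verdict) per flow."""
    return [(port, classify_app(p), port_filter(src, port), app_filter(p)) for src, port, p in flows]

if __name__ == "__main__":
    for row in compare(FLOWS):
        print(row)
```

The second and third flows are where the two approaches disagree: SSH on port 443 passes the port rule but is denied once identified, and HTTP on port 8080 is dropped by the port rule although the application policy would allow it.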