The Basics of Networking | Network Elements | Firewalls and NGFW

The Simple Definition

A firewall is a security tool that is used to protect a computer network from unauthorized access. It acts as a barrier between a protected network and the outside world, controlling the flow of traffic in and out of the network.

Think of a firewall as a virtual security guard for your network. Just like how a security guard controls who can enter a building, a firewall controls what types of traffic can enter your network.

Firewall Functions

A firewall is typically a software or hardware solution that is placed between the internal network and the internet. It examines all incoming and outgoing traffic and compares it to a set of predefined rules. If the traffic matches a rule that allows it to pass, the firewall allows it to enter the network. If the traffic matches a rule that blocks it, the firewall stops it from entering the network.

Firewalls can be configured to block specific types of traffic, such as incoming traffic on certain ports or traffic from specific IP addresses. They can also be configured to allow specific types of traffic, such as outgoing traffic to specific websites or email servers. This allows you to control exactly what types of traffic are allowed to enter your network and what types are blocked.


Next Generation Firewall, what it is?

A next-generation firewall is a type of firewall that goes beyond the traditional functions of a firewall by incorporating advanced security features such as intrusion prevention, application control, and user identity management.

NGFWs use deep packet inspection (DPI) to examine the data that is passing through them, looking for patterns and anomalies that could indicate a potential threat. This allows them to detect and block malicious traffic even if it is using encrypted or disguised communications.

NGFWs also provide application control, which means that they can identify and control the specific types of applications that are running on the network, such as social media, streaming, or instant messaging. This allows organizations to block or limit the use of certain applications that might be a security risk or that might be a productivity drain.

NGFWs also provide user identity management, which allows them to identify individual users on the network and apply security policies based on their roles and responsibilities. This helps to prevent unauthorized access to sensitive information and ensures that users are only able to access the resources they need to do their job.

What is next?

We will continue using this series to identify and describe multiple Network devices. How they fit in a typical network.

Other topics, part of this series

About the Author:

Andres Sarmiento, CCIE # 53520
With over 18 years of professional experience, Andres is a specialist in Unified Communications and Collaboration technologies, Enterprise Networks, and Network Security. He has consulted for numerous companies in South Florida, including Financial Institutions, on behalf of Cisco Systems. Andres has played a key role in several high-profile implementations, utilizing Cisco technologies such as Data Center, UC & Collaboration, Contact Center Express, Routing & Switching, Security, and Hosted IPT Service Provider infrastructures.

You can follow Andres using Twitter, LinkedIn, or Facebook.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top