Network firewalls are designed to protect whole networks from attack. Network firewalls come in two primary forms: a dedicated appliance or a firewall software suite installed on top of a host operating system. Examples of appliance-based network firewalls include the Cisco PIX, the Cisco ASA, Juniper's NetScreen firewalls, Nokia firewalls, and Symantec's Enterprise Firewall. The more popular software-based firewalls include Check Point's Firewall-1 NG or NGX Firewalls, Microsoft ISA Server, Linux-based IPTables, and BSD's pf packet filter. The Sun Solaris operating system has, in the past, been bundled with Sun's enterprise firewall, SunScreen. With the release of Solaris 10, Sun has begun bundling the open source IP Filter (IPF) firewall as an alternative to SunScreen.
Many network firewalls provide enterprise users the maximum flexibility and protection in a firewall system. These firewalls have over the past few years incorporated many new features such as in-line intrusion detection and prevention as well as virtual private network (VPN) termination capabilities both for LAN-to-LAN VPNs as well as remote-access-user VPNs. Another feature that has been introduced into network firewalls is a deep packet-inspection capability. The firewall can identify traffic requirements not just by looking at Layer 3 and Layer 4 information but by delving all the way into the application data so that the firewall can make decisions as to how to best handle the traffic flow. This evolution in firewall design and capabilities has led to the development of a new firewall product, the integrated firewall, which is covered in more detail in the next section.
Was this article helpful?
Struggling to Optimize Your Site for the Search Engines? Uncover What You Need to Know to Perform Basic SEO on Your Site, and Help Get it Listed in the Powerful Search Engines. Are YOU Ready to Climb Your Way Up The Search Engine Rankings and Start Getting the FREE Traffic You're Looking For? Hundreds of places claim they can give you top rankings, but wouldn't you rather just learn how to do it on your own so you can repeat the process on any future site you build?