Four Intrusion Prevention Types To Protect Your Network
A firewall, installed between the internal corporate network and the external internet, is deployed to ensure the online security of a business. It prevents any external source from bypassing the company’s security system and gaining unauthorized access to its resources. Firewalls are, in fact, intrusion prevention systems that do not allow any information lying outside the public domain to be transferred out of the company’s local network. This ensures both confidentiality and privacy. These walls of security have proved to be quite effective in preventing threats to ongoing network traffic. Let’s have a look at the different types of web security systems in use these days:
Network Layer Firewalls (Packet Layers): These were the earliest firewalls used for network security. They function at the lower layers of the OSI model: network and transport. They monitor the IP addresses and TCP/UDP ports of incoming packets and determine whether the packets should be allowed to enter the network or rejected, based on the firewall’s predetermined rules. If the packets do not match the set criteria, they are dropped. In order to use packet data firewalls, one needs to assign valid IP address blocks. As only where the packets come from and where they are going is checked, and not what the packets actually contain, network layer firewalls give faster performance.
Drawbacks: Depending upon different requirements, the configuration rules may need to be modified time and again. From a security point of view, they lack the high standards that present-day industry needs. Moreover, they cannot be implemented on routers that do not have a TCP/UDP filtering mechanism.
Stateful Packet Filtering Firewalls: Also called dynamic packet filtering applications, this set of second-generation firewalls monitors the state of incoming packets by keeping a set of internal tables. Unlike stateless packet filtering, these firewalls check the packets up to their application level, instead of simply monitoring their headers. They function better than their stateless counterparts.
Drawbacks: As stateful firewalls require connection tables, they work efficiently only on systems that have adequate memory.
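The contrast between rules on addresses and ports and a firewall that keeps internal connection tables can be seen in a small simulation. This is an added example, not code from any firewall product; the internal address block, the sample packets, the single outbound HTTPS rule and the table limit are all constructed assumptions.

```python
import ipaddress
from collections import namedtuple

# Constructed packet model: only the header fields a packet filter reads.
Packet = namedtuple("Packet", "proto src sport dst dport")

INTERNAL = ipaddress.ip_network("10.0.0.0/24")  # assumed internal address block

def is_internal(addr):
    return ipaddress.ip_address(addr) in INTERNAL

def stateless_allow(pkt):
    """Static rules on addresses and ports only; anything unmatched is dropped."""
    if is_internal(pkt.src) and pkt.proto == "tcp" and pkt.dport == 443:
        return True   # outbound HTTPS
    if (is_internal(pkt.dst) and pkt.proto == "tcp"
            and pkt.sport == 443 and pkt.dport >= 1024):
        return True   # "reply" rule: cannot tell whether anyone asked for it
    return False

class StatefulFilter:
    """Keeps a connection table; inbound packets must match a tracked flow."""
    def __init__(self, max_entries=4):
        self.table = set()
        self.max_entries = max_entries  # the table is bounded by memory

    def allow(self, pkt):
        flow = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if is_internal(pkt.src) and pkt.proto == "tcp" and pkt.dport == 443:
            if flow not in self.table and len(self.table) >= self.max_entries:
                return False  # table full: new connections are refused
            self.table.add(flow)
            return True
        # Inbound: accept only the mirror image of a tracked outbound flow.
        reverse = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return reverse in self.table

# Constructed sample traffic (documentation address ranges).
outbound = Packet("tcp", "10.0.0.5", 50000, "203.0.113.10", 443)
reply = Packet("tcp", "203.0.113.10", 443, "10.0.0.5", 50000)
unsolicited = Packet("tcp", "198.51.100.7", 443, "10.0.0.9", 50001)

def demo():
    fw = StatefulFilter()
    stateless = [stateless_allow(p) for p in (outbound, reply, unsolicited)]
    stateful = [fw.allow(p) for p in (outbound, reply, unsolicited)]
    return stateless, stateful, len(fw.table)

if __name__ == "__main__":
    print(demo())
```

The stateless rules accept the unsolicited packet because its ports look like a reply, while the stateful filter drops it because no matching entry exists in its table; the max_entries limit stands in for the memory constraint noted in the drawbacks.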
Application Level Firewalls: Working on the application layer of the OSI model, these firewalls allow or block incoming packets after monitoring their content. If, on inspection, the data carried by the packets is found to be inauthentic as per the set protocols, the packets are prevented from entering the internal network. As the data for every packet is checked, an application firewall provides better safety and selective web content blocking for data security.
Drawbacks: These firewalls are known for low performance because of excessive audit reporting. They are more complex to operate and require a detailed understanding of how things work.
Proxies: These are fourth-generation servers that ensure much better security of the networks. A proxy sits as a firewall between individual workstations and the corporate network, and allows tighter security along with better administrative control. It is also called a cache server firewall because, when a page is requested, the server looks into its cache. If the requested page is already present, it is forwarded to the user directly. If the page is not found in the cache, the proxy uses its own IP addresses to forward the request from the user.
Network security systems are consistently improved over time and, depending upon the requirements, a corporation may settle for the one that best suits its security needs.