Please enable JavaScript.

Coggle requires JavaScript to display documents.

FIREWALL - Coggle Diagram

- - - - Data coming in and out of your systems creates opportunities for threats to compromise your operations. By monitoring and analyzing network traffic, firewalls leverage preestablished rules and filters to keep your systems protected.
    - - One of the most visible benefits of firewalls is the ability to control your system's entry points and stop virus attacks. The cost of damage from a virus attack on your systems could be immeasurably high, depending on the type of virus.
    - - With the rise of data theft and criminals holding systems hostage, firewalls have become even more important, as they prevent hackers from gaining unauthorized access to your data, emails, systems, and more. A firewall can stop a hacker completely or deter them to choose an easier target.
    - - One of the most common ways unwanted people gain access is by employing spyware and malware—programs designed to infiltrate your systems, control your computers, and steal your data. Firewalls serve as an important blockade against these malicious programs.
    - - An overarching benefit is the promotion of privacy. By proactively working to keep your data and your customers' data safe, you build an environment of privacy that your clients can trust. No one likes their data stolen, especially when it is clear that steps could have been taken to prevent the intrusion.
- - - - Protection Against Firewall Failure
        
        Adding another firewall of different design is helpful in case the primary firewall fails, because most likely the attack or problem that causes the primary firewall failure will not affect the host-based firewall similarly. Multiple firewalls do not offer increased protection against attacks directed at vulnerabilities in applications or operating systems.
      - Simplicity
        
        Configuring a host-based firewall is usually far simpler than configuring a perimeter firewall, because the host usually requires support for just a few protocols in order to function. Simplicity makes verification of the rule set simpler as well. (Complexity is the enemy of security.)
      - Protection Against a Wider Number of Threats
        
        The host-based firewall can protect against threats originating from within a corporate network, and can help mitigate the risks of badly configured software on a host.
      - Specificity
        
        A host-based firewall can be tuned to support a single set of applications and to block everything else. Perimeter firewalls are usually configured with a rule set designed to support many applications, and consequentially are much more likely to have exploitable weaknesses.
    - - require specific configurations
        
        It is time consuming to configure host-based firewalls on many different servers. In some cases, it may not be practical to provide individualized configurations for every host.
- - - - i. Breach prevention and advanced security :
        
        = The No. 1 job of a firewall should be to prevent breaches and keep your organization safe.
      - ii. Comprehensive network visibility :
        
        = You can't protect against what you can't see. You need to monitor what is happening on your network at all times so you can spot bad behavior and stop it fast.
      - iii. Flexible management and deployment options :
        
        = Whether you are a small to medium-sized business or a large enterprise, your firewall can customize with features that meet your needs, simply turn on subscriptions to get advanced capabilities.
        
        iv. Fastest time to detection :
        
        = The current industry standard time to detect a threat is between 100 to 200 days; that is far too long. A next-generation firewall should be able to prioritize alerts so you can take swift and precise action to eliminate threats.
        
        v. Automation and product integrations :
        
        = Your next-generation firewall should not be a siloed tool. It should communicate and work together with the rest of your security architecture.
- - - - Because traffic filtering is based entirely on IP address or port information, packet filtering lacks broader context that informs other types of firewalls
      - Doesn't check the payload and can be easily spoofed
      - Not an ideal option for every network
      - Access control lists can be difficult to set up and manage
    - - A single device can filter traffic for the entire network
      - Extremely fast and efficient in scanning traffic
      - Inexpensive
      - Minimal effect on other resources, network performance and end-user experience
- - - - Monitors the entire session for the state of the connection, while also checking IP addresses and payloads for more thorough security
      - Offers a high degree of control over what content is let in or out of the network
      - Does not need to open numerous ports to allow traffic in or out
      - Delivers substantive logging capabilities
    - - Resource-intensive and interferes with the speed of network communications
      - More expensive than other firewall options
      - Doesn't provide authentication capabilities to validate traffic sources aren't spoofed
- - - - Examines all communications between outside sources and devices behind the firewall, checking not just address, port and TCP header information, but the content itself before it lets any traffic pass through the proxy
      - Provides fine-grained security controls that can, for example, allow access to a website but restrict which pages on that site the user can open
      - Protects user anonymity
    - - Can inhibit network performance
      - Costlier than some other firewall options
      - Requires a high degree of effort to derive the maximum benefit from the gateway
      - Doesn't work with all network protocols