Introduction

Every organization that connects to the Internet has business partners and other external entities, requiring them to use firewall technology. Firewalls are a required component of your data network, and provide a protective layer of security. Security risks have greatly increased in recent years, and so the call for a stronger breed of firewall has been made. In the past, simple packet filtering firewalls allowing access to your internal resources have helped to mitigate your network s risk. The next development was stateful inspection, allowing you to monitor network sessions instead of single packets. Today s risks are far greater, and require a new generation of devices to help secure our networks borders from the more sophisticated attacks. The industry calls these firewalls L4/L7 firewalls. L4/L7 stands for Layer 4 through Layer 7, which refers to layer 4 through layer 7 of the OSI security model. These firewalls are often equipped with IPS, and are generally known as firewalls with application layer support. Later in this chapter, we delve deeper into L4/L7 firewalls.

Firewalls police your network traffic. A firewall is a specialized device that allows or denies traffic based upon administratively defined policies. They contain technologies to inspect your network s traffic. This technology is not something that is exclusive to firewalls, but firewalls are designed specifically for inspecting traffic, and therefore do it better than any other type of device. Many networks can have millions of packets transverse it in a short period of time. Some firewall models are built...