What is a firewall?

  • A firewall is a security product that filters malicious traffic. Firewalls traditionally run between a trusted internal network and a trusted network - e.g. B. between a private network and the Internet. Early firewalls were physical devices that were connected to a company's local infrastructure. Firewalls block and allow network traffic according to an internal set of rules. For some firewalls, administrators can adjust these rules.


    However, with the growing popularity of cloud computing, the separation between a trusted network and the larger Internet has disappeared. Therefore, cloud firewalls are needed, which are a virtual barrier between trusted cloud resources and trusted internet traffic.


    What does Firewall-as-a-Service (FWaaS) mean?

    Firewall-as-a-Service, or FWaaS for short, is another term for cloud firewalls. Like other "as-a-Service" categories, such as "Software-as-a-Service" or "Platform-as-a-Service", FWaaS runs in the cloud and is accessed over the Internet, and third-party providers offer it. as a service that they update and maintain.


    What is the difference between a cloud firewall as a service and a next generation firewall (NGFW)?

    A next-generation firewall (NGFW) is a firewall that includes new technologies that were not available in previous firewall products, such as:


    Intrusion Prevention System (IPS): An intrusion prevention system detects and blocks cyber attacks.

    Deep Packet Inspection (DPI): NGFWs verify packet data header and user data instead of header. This helps to detect malware and other harmful data.

    Application control: NGFWs can control which individual applications can be accessed or completely block applications.

    NGFWs can have other advanced functions.


    "Next generation firewall" is a common term, but NGFWs don't necessarily have to run in the cloud. A cloud-based firewall can have NGFW functions, but a local firewall can also be an NGFW.


    What is the scope of the network? How does cloud computing affect the scope of the network?

    The scope of the network is the division between the internal network that an organization manages and the access to the network that is provided by an external provider, usually an Internet service provider (ISP). In other words, the sphere of the network is the edge of what an organization controls. Networks can also be physically blocked: A company employee may need to be in the office and use a company-managed device to connect to the company network. Firewalls were originally developed to control this type of network perimeter and not to leave anything bad.


    With cloud computing, the network sphere is essentially disappearing. Users access uncontrolled internet services. The physical location of a user and sometimes the device they use no longer matters. It is difficult to place a layer of security around the company's resources because it is almost impossible to determine where the layer of security should go. Some companies combine a number of different security products, including traditional firewalls, VPNs, access control and IPS products. However, it increases the complexity of IT and is difficult to manage.


    What does the Cloudflare Web Application Firewall do?

    Cloudflare Web Application Firewall (WAF) protects cloud properties from security vulnerabilities, helps stop DDoS attacks, and allows IT administrators to write their own custom firewall rules. Companies can implement WAF Cloudflare before any type of cloud implementation - hybrid cloud, multicloud, public cloud, etc.

    Also read: network installation