Does your company have valuable data that needs to be protected? Then you need a firewall. With a firewall, different networks are separated from each other by rules.
The firewall is the central point through which all data must pass. Thus the firewall also serves as a log file, as all activities are kept for a while. In the event of an attack, the administrator will find valuable forensic information on the firewall. It can also track the required throughput and ensure that the provider provides sufficient bandwidth. In IT and network security, a distinction is made between two security systems: UTM (Unified Threat Management), which perform various tasks and security measures in one, and SSA (Specialized Security Appliances), which focus on a single, specific task
There are various approaches to increase safety. The simplest is the packet filter. It relies on different protocols (such as HTTP or FTP) to communicate on specific ports. These are either allowed or prohibited for different IP addresses. The simple packet filter offers a solid but rudimentary protection. This is because malicious data can easily be tunnelled through HTTP and other protocols and can override the packet filter. Most firewall routers, i.e. routers with basic security functions, operate according to this principle.
Significantly more advanced are firewalls that examine the individual data packets more closely, a so-called Stateful Packet Inspection (SPI). The firewall "inspects" each data packet and assigns it to a connection (session). The communication between source and destination can be related to each other: The client from the internal network has established a connection, the destination on the Internet responds. Seemingly unsuspicious data packets are discarded if they have not been requested beforehand. Firewalls with SPI need a lot of memory because they have to store all active connections in a table. In technical jargon, the maximum possible sessions that the firewall can process simultaneously are referred to.
The application layer firewall offers the most modern approach. It actively intervenes in the communication: Towards the client it behaves as a server, towards a server as a client. This type of firewall not only looks at the metadata of data packets, but examines the concrete content in its context. For example, an application layer firewall can detect and filter out malicious commands for an SQL injection. An application layer firewall is associated with annual licenses. Thus, it regularly obtains up-to-date information on known types of attacks, which the manufacturer maintains.
In addition to the basic functionalities, most firewalls have additional features such as virus protection, content filters, VPN and intrusion detection on board.
We carry firewalls for 19" racks, but also desktop devices suitable for SMB and SMB (Small and Medium Business).