Commercial-Grade Firewalls ( 3 of 3)
This is the final of three installments on firewall software: critical software that straddles the boundary between internal and external sides of an Internet or other “outside network” connection and inspects traffic inbound and outbound. Firewalls come in lots of flavors, with lots of different capabilities. Today’s focus is on the high end software-only and software/hardware combinations that represent the kinds of firewalls used in most enterprises, and at service and infrastructure providers.
Today, commercial-grade firewalls are considered mandatory on networks of any size that connect to the Internet, or to any other public network. This is the foundation of the firewall product category, which is becoming increasingly rich and complex as vendors add capabilities to their offerings in this market. It’s not uncommon, for example, for firewalls to include VPN capabilities, IPSec tunneling capabilities, proxy (and reverse proxy) services, and more. Likewise, intrusion detection systems (IDS) often co-inhabit boundary devices with firewall capabilities, or monitor firewalls constantly (as likely and frequent targets of attack).
These kinds of products are designed for companies or organizations that seek to protect their primary networks and networking infrastructure, but who may also operate VPN or remote access links between multiple sites, or for inbound remote teleworkers. That’s why such products are generally designed to support remote access and control, and why they usually support centrally-managed policy-based filters or screening capabilities. Furthermore, such devices or services are designed to handle large amounts of traffic, and to provide. Table 1 provides pointers and resources for leading commercial-grade firewall products.
As you look through Table 1, you’ll also see products from infrastructure vendors like Cisco, whose customers and operations benefit from access to products that ISPs, telecomm companies, or broadband operators use as well as larger enterprises that may choose to operate their own networking infrastructures. You’ll also see products from well-known security vendors that include Check Point, Lucent Technologies, and others.
Table 1: Enterprise firewalls and resources