Module 3: Defensive Cybersecurity (Blue Team)
We now shift our focus to defending systems. The firewall is the most basic and critical defense mechanism.
What is a Firewall?
A firewall is a network security device (hardware or software) that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
Types of Firewalls
- Packet-Filtering Firewall (Stateless): Inspects individual packets based solely on IP addresses, ports, and protocols. It does not remember past packets (stateless).
  - Drawback: Cannot detect complex attack sequences.
- Stateful Inspection Firewall: Monitors the state of active connections. It tracks the connection lifecycle and only allows packets that are part of an established, legitimate session. (Most common type today.)
- Application-Layer Firewall (Proxy Firewall): Filters traffic based on application data (Layer 7 of OSI). Can inspect HTTP requests, DNS queries, and specific web application logic. Essential for protecting web servers.
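The difference between the first two types is easiest to see by running the same traffic through both. The following is an added example, not part of the original module: a toy Python model in which the packet fields, the single "outbound HTTPS only" policy, and the sample addresses are all constructed assumptions.

```python
# Added illustration: toy stateless vs. stateful filters (not a real firewall).
from collections import namedtuple

# direction is "out" (LAN -> Internet) or "in" (Internet -> LAN)
Packet = namedtuple("Packet", "direction src_ip src_port dst_ip dst_port")

def stateless_allow(pkt):
    """Judge each packet alone: outbound HTTPS, and anything inbound from port 443."""
    if pkt.direction == "out":
        return pkt.dst_port == 443
    # Rule needed so replies get through; it cannot tell a reply from a forgery.
    return pkt.src_port == 443

class StatefulFirewall:
    def __init__(self):
        self.connections = set()  # flows opened from the inside

    def allow(self, pkt):
        if pkt.direction == "out":
            if pkt.dst_port != 443:
                return False
            # Remember the flow so its replies can be matched later.
            self.connections.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))
            return True
        # Inbound: allow only if it mirrors a recorded outbound flow.
        return (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port) in self.connections

# Constructed sample traffic (documentation address ranges).
REQUEST = Packet("out", "192.0.2.10", 50000, "198.51.100.5", 443)
REPLY = Packet("in", "198.51.100.5", 443, "192.0.2.10", 50000)
UNSOLICITED = Packet("in", "203.0.113.9", 443, "192.0.2.10", 8080)

def compare():
    """Return (name, stateless verdict, stateful verdict) for each sample packet."""
    fw = StatefulFirewall()
    samples = [("request", REQUEST), ("reply", REPLY), ("unsolicited", UNSOLICITED)]
    return [(name, stateless_allow(p), fw.allow(p)) for name, p in samples]

if __name__ == "__main__":
    for name, stateless, stateful in compare():
        print(f"{name:12} stateless={stateless} stateful={stateful}")
```

Both filters pass the request and its genuine reply; only the stateful one drops the inbound packet that belongs to no session the inside host opened.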