Thursday, January 17, 2013

Back in Time and Back to the Future: Looking at the Evolution of the Firewall

Back-to-the-future-DeLorean
As we’ve entered a New Year and we look back at the events of the past year, I thought it would be interesting to examine the firewall from its beginning and how it’s evolved. We’ll review the transformation of the firewall and how multiple services have been bundled into today’s modern NGFW, as well as a few trends of where the firewall may be going in the future.  So let’s all pile into my DeLorean and take a trip through time.
Old School
After pushing the dial back to the early 1990’s we find the firewall a much more primitive piece of technology that’s really only just a proxy. We say, just a proxy, but back in the day this was a sophisticated piece of technology. The proxies of this early time were normally pushed to the perimeter of a network and used to, wait for it, yup….proxy traffic to resources within the internal network. It was here that traffic could be filtered and shaped to certain resources. There were also packet filters that could be run on servers that inspected traffic coming into the network. Here’s where you’d create security policies, in effect rudimentary rulebases that did packet filtering based off the 5-Tuple attributes of TCP\IP -Source IP, Source Port, Destination IP, Destination Port, Destination Protocol (We’ll talk more about tuples later). 
As security needs and capabilities began to expand within the network and firewalls performing stateful inspection were first commercially available, the firewall started its march into the enterprise as staple of network security…
UTM becomes the Latest Buzzword
Today we’re seeing more than just stateful packet inspection on our firewalls. We’re seeing years of evolution from multiple vendors pushing services into what we call a firewall today. We saw the evolution of firewalls a few years back when everyone and their mother were coming out with UTM devices and trying to make the firewall more than a one trick pony. These UTM devices gave you the ability to create SSL VPNs, Anti-virus, IPS, firewalls, etc. – all in one appliance -  a long way from our initial proxies we saw just a few years prior. These are still available today, but the evolution of the firewall doesn’t stop here!!
Don't like cliff hangers? Click here to read the rest of the article: http://blog.algosec.com/2013/01/evolution-of-the-firewall.html