Firewall Software Overview
What is Firewall Software?
Firewalls are filters that stand between a computer or computer network and the Internet. Each firewall can be programmed to keep specific traffic in or out. All messages passing through the firewall are examined and those not meeting pre-defined security criteria are blocked.
For example, on the outbound side, firewalls can be configured to prevent employees from transmitting sensitive data outside the network, while on the inbound side, firewalls can be configured to prevent access to certain kinds of websites like social media sites.
Firewall Software Features & Capabilities
- Application visibility and control
- Identify and control evasive app threats
- Intrusion Prevention integration
- Physical and virtual environment support
- Integration with LDAP and Active Directory
- "Sandbox," or isolated, cloud-based threat emulation
Firewall vendors are beginning to bundle firewall offerings with other
security or privacy features, although this is not a universal practice.
The most common example is support for Virtual Private Networks (VPN),
and load-management is often featured as well.
Firewalls use several methods to control traffic flowing in and out of a network:
Proxy service: In this method, computers make a connection to the proxy which then initiates a new network connection based on the content of the request. In this way, there is no direct connection or packet transfer on either side of the firewall. Network addresses are effectively hidden.
When comparing firewall products, consider
evaluating these aspects of the software:
- Managed Service Provider vs. In-House Focus: Are you looking
for a firewall product to sell to and manage for your clients, or do you need
something for your own business? Products tailored to the former context will emphasize
centralized management and customizability, while the latter will be more accessible
for line of business users without IT security backgrounds.
- Physical vs. Cloud Deployments: The standard deployment
method for firewalls is via hardware appliance deployed on premise. Alternative
deployments on virtual machines, or hosted in the cloud on 3rd party
infrastructure, have become frequent options among leading vendors. Cloud
deployments frequently operate on a subscription pricing model, while physical
appliances are more likely to be a one-time purchase, with additional costs for
software updates varying by product.
- Multi-location vs. single location: Providing a firewall
across multiple locations will require specific features. The most relevant
feature differences will be VPN support (for securely connecting to remote
offices), central management support, and native SD-WAN capabilities.
- Support: Reviewers frequently mention customer support and service, both positively and negatively depending on the product. Given a convergence of capabilities towards market parity, the extra support and services vendors provide can become a key differentiator between products.
The cost of firewalls can vary from free (for personal use) to significant sums of money for enterprise firewalls. Firewalls are often on-premise appliances, but can also be purchased as software that must be installed on a server, or as a cloud service. The range of pricing models is broad, making it difficult to compare across vendors. However, an enterprise firewall may cost upwards of $30,000, depending on capability and type.