Abstract
With the rapid advancement in technology, exchanging information over networks has never been easier than it is today. However, connecting to external networks without compromising internal network assets remains an eternal challenge faced by most establishments and individual users. In the current circumstances, where attackers can easily exploit vulnerabilities in systems and network infrastructure, the firewall continues to play a pivotal role and remains the first line of defence for protecting network infrastructure. In recent years, the number of internet users has increased exponentially, and the use of the internet has changed significantly. Attackers have also become more sophisticated, and threats have increased significantly. Traditional firewalls are no longer sufficient to protect current internet users from emerging threats. To deal effectively with these emerging threats, firewalls need to be more sophisticated, proactive, and fortified with advanced technologies. Gartner Research has termed these evolved and enhanced firewalls “Next Generation Firewalls,” which are designed to address the current emerging threats in network security. Next-generation firewalls are equipped with a wide range of techniques and features, including application control, IDS, IPS, sandboxing, AV, DLP, threat intelligence, advanced analytics, and many more to tackle modern threats. This chapter will provide details about firewalls, different firewall technologies, and their advantages and disadvantages. It will also present next-generation firewall technologies designed to counter the recent advances in network security threats.
References
Stoll C (1989) The Cuckoo’s egg. Doubleday, New York, NY
Cheswick B (1990) The design of a secure internet gateway. In: USENIX summer conference
Eichin MW, Rochlis JA (1989) With microscope and tweezers: an analysis of the internet virus of November 1988. In: IEEE computer society symposium on security and privacy. IEEE Computer Society, Los Alamitos, CA, USA
Ingham K, Forrest S (2002) A history and survey of network firewalls. ACM J
Schneier B (2000) Secrets and lies: digital security in a networked world. Wiley, New York, NY
Lodin S, Schuba C (1998) Firewalls fend off invasions from the net. IEEE Spectrum
Cheswick W, Bellovin S (2003) Firewalls and internet security: repelling the Wily Hacker. Addison-Wesley
Chen S, Iyer R, Whisnant K (2002) Evaluating the security threat of firewall data corruption caused by instruction transient errors. In: International conference on dependable systems and network
Mogul JC (1989) Simple and flexible datagram access controls for Unix-based gateways. In: USENIX summer conference
Chapman D, Zwicky E, Cooper S (2000) Building internet firewalls, 2nd ed. O’Reilly
Wilson J (2005) The future of the firewall. Bus Commun Rev
Gartner. https://www.gartner.com/en/information-technology/glossary/next-generation-firewalls-ngfws
Audin G (2004) Next-gen firewalls: what to expect. Bus Commun Rev
Ranum MJ (1992) A network firewall. In: First world conference on system administration and security
Teach computer science. https://teachcomputerscience.com/firewall/#Firewall_Security_Techniques
Bellovin S, Cheswick W (1994) Network firewalls. IEEE Commun Mag
NIST Special Publication SP 800-41_Rev1, Sep 2009
Likhar P, Yadav RS (2020) Stealth firewall: invisible wall for network security. In: Innovations in computer science and engineering. LNNS, vol 103. Springer
Suehring S (2015) Linux firewalling, enhancing security with nftables and beyond, 4th ed. Addison-Wesley
Likhar P, Shankar Yadav R (2021) Impacts of replacing venerable iptables and embracing nftables in a new futuristic Linux firewall framework. In: 5th international conference on computing methodologies and communication (ICCMC)
Cisco Annual Internet Report (2018–2023). https://www.cisco.com/c/en/us/solutions/collateral/executiveperspectives/annual-internet-report/white-paper-c11-741490.pdf
The netfilter.org project: netfilter/iptables project. https://netfilter.org/projects/iptables/index.html
Purdy GN (2004) Linux iptables pocket reference. O'Reilly Media
McHardy P, Ayuso PN (2015) The nftables tutorial. In: Proceedings of the Netdev 0.1, Ottawa, Canada, February 2015
Alex L, Amir K, Joshua H, Zihui G, Dan P, Jia W (2017) Firewall fingerprinting and denial of firewalling attacks. IEEE Trans Inf Forensics Secur 12(7)
Salah K, Sattar K, Sqalli M, Al-Shaer E (2011) A potential low-rate DoS attack against network firewalls. Secur Commun Netw 4:136–146
Singh A, Gupta BB (2022) Distributed denial-of-service (DDoS) attacks and defense mechanisms in various web-enabled computing platforms: issues, challenges, and future research directions. Int J Semant Web Inf Syst (IJSWIS) 18(1):1–43
Trabelsi Z, Zeidan S, Hayawi K (2019) Denial of firewalling attacks (DoF): the case study of the emerging BlackNurseAttack. IEEE Access. https://doi.org/10.1109/ACCESS.2019.2915792
© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this chapter
Cite this chapter
Yadav, R.S., Likhar, P. (2024). Firewall: A Vital Constituent of Network Security. In: Gountia, D., Dalei, D.K., Mishra, S. (eds) Information Technology Security. Springer Tracts in Electrical and Electronics Engineering. Springer, Singapore. https://doi.org/10.1007/978-981-97-0407-1_3
DOI: https://doi.org/10.1007/978-981-97-0407-1_3
Publisher Name: Springer, Singapore
Print ISBN: 978-981-97-0406-4
Online ISBN: 978-981-97-0407-1
eBook Packages: Computer Science, Computer Science (R0)