Basics about Stateful Firewall, Stateful Inspection, UTM & NGFW

A firewall is a network security device that monitors inbound and outbound network traffic and decides whether to permit or deny specific traffic based on a defined set of security rules.

Firewalls have long been a first line of defense in network security. They form a barrier between protected internal networks and untrusted outside networks, such as the Internet. A firewall can be a hardware appliance or a software-based application.

Fig 1.1- Basic Network Architecture with Firewalls

Proxy firewall: an early way of securing the internal network
An early type of firewall, a proxy firewall serves as the entry and exit point from one network to another for a specific application. Proxy servers can provide extra functionality such as content caching, and add security by preventing direct connections from the external network. However, this may also affect throughput and limit the applications they can support.

Stateful inspection firewall
The other approach used in traditional networking is the stateful inspection firewall. This is the initial approach to safeguarding against attacks from the external world. A stateful inspection firewall permits or denies traffic based on state, port, and protocol.

It inspects all activity from the opening of a connection until it is closed. Filtering decisions are made based on both administrator-defined rules and context, which refers to using information from earlier connections and from packets belonging to the same connection. Cisco ASA is an example of a stateful inspection firewall.
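
The behaviour described above, shown as an added example (not from the original article and not any vendor's implementation): a minimal TCP state table that admits a packet only through an admin rule or through context from earlier packets of the same connection. The `Packet` tuple, the `ALLOWED_OUTBOUND_PORTS` rule, the state names and the addresses are constructed for illustration; real firewalls also track sequence numbers and idle timeouts.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport flags inbound")  # inbound=True: from outside
ALLOWED_OUTBOUND_PORTS = {80, 443}  # constructed admin rule: inside hosts may open these

class StatefulFirewall:
    def __init__(self):
        self.table = {}  # (inside ip, inside port, outside ip, outside port) -> state
    def filter(self, p):
        flags = set(p.flags.split("+"))
        key = (p.dst, p.dport, p.src, p.sport) if p.inbound else (p.src, p.sport, p.dst, p.dport)
        state = self.table.get(key)
        if state is None:
            # No context yet: only the admin rule can admit a packet, as a new outbound SYN.
            if not p.inbound and flags == {"SYN"} and p.dport in ALLOWED_OUTBOUND_PORTS:
                self.table[key] = "SYN_SENT"
                return "PERMIT"
            return "DENY"
        if "RST" in flags:  # either side aborts: forget the connection
            del self.table[key]
            return "PERMIT"
        if state == "SYN_SENT":
            if p.inbound and flags == {"SYN", "ACK"}:
                self.table[key] = "SYN_RCVD"
                return "PERMIT"
            return "DENY"
        if state == "SYN_RCVD":
            if not p.inbound and flags == {"ACK"}:
                self.table[key] = "ESTABLISHED"
                return "PERMIT"
            return "DENY"
        if "SYN" in flags:
            return "DENY"  # a SYN inside an open connection is out of state
        mine, other = ("FIN_IN", "FIN_OUT") if p.inbound else ("FIN_OUT", "FIN_IN")
        if "FIN" in flags:
            if state == "ESTABLISHED":
                self.table[key] = mine
            elif state == other:
                self.table[key] = "LAST_ACK"  # both sides have sent FIN
        elif state == "LAST_ACK":
            del self.table[key]  # final ACK: connection is shut, state removed
        return "PERMIT"

def demo():
    fw, i, o = StatefulFirewall(), ("10.0.0.5", 40000), ("203.0.113.7", 443)
    out = lambda f: fw.filter(Packet(*i, *o, f, False))
    inn = lambda f: fw.filter(Packet(*o, *i, f, True))
    return [inn("ACK"), out("SYN"), inn("SYN+ACK"), out("ACK"), inn("ACK"),
            out("FIN+ACK"), inn("FIN+ACK"), out("ACK"), inn("ACK")]
```

In `demo()`, the same inbound ACK is denied before the connection exists and again after it has been closed, while it is permitted in between: the verdict depends on state, not on the packet alone.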

Unified threat management (UTM) firewall
Many vendors sell UTM as a security device with extra features. A UTM device usually combines the functions of a stateful inspection firewall with intrusion prevention and antivirus. It may also include additional services and, often, cloud management. UTMs focus on simplicity and ease of use.

Vendors offering UTM devices include Sophos, SonicWall, and Fortinet.

Next-generation firewall (NGFW)
Today, NGFW is a hot topic and is used to safeguard the internal network from the Internet or the external world. Firewalls have grown beyond simple packet filtering and stateful inspection. Most companies are deploying next-generation firewalls to block modern threats such as advanced malware and application-layer attacks.

With an NGFW, you get features such as Application Visibility and Control (AVC), an Intrusion Prevention System (IPS), Advanced Malware Protection (AMP), and URL filtering as essential features.

NGFW vendors include Cisco, Palo Alto, Check Point, Fortinet, Forcepoint and so on.