subject: Net Firewall - The Evolution Of Computer Protection [print this page] Perhaps the simplest, most easy to use protection for a computer or computer network is a net firewall, short for network layer firewall. This type of system protection was the first generation to come around. It features static packet filtering, which means that every packet, bits of data that travel through a computer network, that comes and goes is inspected, and then either cleared to pass or is rejected and not allowed to pass. The decision to be allowed through or not is based upon set of security rules that be defined by the user, or they can use a default set of rules.
A more secure type of net protection that falls into this same generation is known as a stateful packet inspection firewall. This type of system protection looks at the packets even more closely and takes their content as well as their addresses into consideration. A regular packet inspection firewall could be looked at like a bouncer at a club. They just look at an ID to see if someone is over 21 or not. If they are, they can go in. If not, they are denied access. A stateful packet inspection firewall is more like airport security. You will have to have a ticket to get to your destination, but the contents of your luggage must also clear a security check before you get where you are going.
The next evolution of computer system protection differs from that of the net firewall. The second generation of these protective filtering systems was designed to make security stronger between networks that are trusted and those are not trusted. This kind of firewall is called an application proxy, or sometimes a gateway firewall. This type uses software to inspect data that it intercepts for each Internet protocol. The proxy sits between a user on a network that is trusted and the Internet (the non trusted network). The program will look at and analyze data being sent back and forth and decide what to allow and what to not allow.
The third generation of protective filtering systems really deviates from the net firewall model. The new models offer state of the art security for even the biggest and most advanced computer networks. They can provide real time inspection and alert a network administrator if something is happening that may be suspicious activity. This group will need to become even more secure as more and more businesses are using VPN's and wireless communication. They will need to keep up with viruses as those who create them are getting craftier and more deceiving with their tactics.
