A firewall is a component or set of components that controls access between enterprise and public networks like the Internet. Firewalls are often used in conjunction with virtual private networks (VPNs) to allow secure remote access to a corporate network. Today, more and more firewalls are being implemented within enterprise networks for greater control of internal traffic as well.

A firewall tracks and controls the flow of communication passing through it. Communication may be restricted by source, destination, application, time, day, or a combination of any of these considerations. To reach control decisions for IP-based services, a firewall must obtain, store, retrieve, and manipulate information derived from all communication layers, including the applications themselves. Firewalls are not plug-and-play.

• Packet filters - These were the first firewalls and are just routers with statically created access control lists (ACLs) for specific layer 3 / 4 addresses. Communication is limited based on source or destination IP addresses.
• Application gateways or proxies - These are platforms running firewall software to implement security at the application level.
• Stateful inspection systems - These systems look at all communication layers, extract the relevant data, and build connection tables that allow higher performance. Stateful inspection supports a large number of protocols / applications and provides extensibility to new applications.

A firewall is only as good (or bad) as the overall corporate security policy and the configuration of the firewall itself. Firewalls are also slow, as all packets must be examined; today there is no such thing as a wirespeed firewall (except to the WAN).

• Be a focal point for security decisions (choke point)
• Enforce security policy (traffic cop)
• Log activity (Big Brother watching who you communicate with)
• Limit your exposure (keep intrusions from spreading)

• SonicWALL Tele3
• SonicWALL SoHo3
• SonicWALL Pro100
• SonicWALL Pro200
• SonicWALL Pro300