{"id":70992,"date":"2014-10-14T15:14:05","date_gmt":"2014-10-14T19:14:05","guid":{"rendered":"http:\/\/rbachnet.wwwmi3-ss40.a2hosted.com\/index.php\/"},"modified":"2021-07-02T14:46:11","modified_gmt":"2021-07-02T18:46:11","slug":"25-years-of-the-firewall","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/25-years-of-the-firewall\/","title":{"rendered":"25 Years of the Firewall"},"content":{"rendered":"<p><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-106952\" title=\"25 Years of the Firewall\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/25bdaycake-2-e1569969618868-150x107.jpg?resize=125%2C89&#038;ssl=1\" alt=\"25 Years of the Firewall\" width=\"125\" height=\"89\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/25bdaycake-2-e1569969618868.jpg?resize=150%2C107&amp;ssl=1 150w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/25bdaycake-2-e1569969618868.jpg?resize=75%2C53&amp;ssl=1 75w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/25bdaycake-2-e1569969618868.jpg?w=498&amp;ssl=1 498w\" sizes=\"auto, (max-width: 125px) 100vw, 125px\" \/>The <strong>firewall has turned 25 years old<\/strong> this year. In commemoration, <a title=\"McAfee\" href=\"https:\/\/www.mcafee.com\/\" target=\"_blank\" rel=\"homepage noopener noreferrer\">McAfee<\/a> created a timeline of the events that shaped the development of the device most of us rely on the <strong>protect ourselves from each other.<\/strong> The infographic shows how the <strong>firewall&#8217;s evolution<\/strong> coincided with <strong>high-profile security events<\/strong>:<\/p>\n<ul>\n<li><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignright wp-image-106945\" title=\"Firewall\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/firewall3.png?resize=100%2C100&#038;ssl=1\" alt=\"Firewall\" width=\"100\" height=\"100\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/firewall3.png?resize=150%2C150&amp;ssl=1 150w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/firewall3.png?resize=75%2C75&amp;ssl=1 75w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/firewall3.png?w=180&amp;ssl=1 180w\" sizes=\"auto, (max-width: 100px) 100vw, 100px\" \/>1995: <a title=\"WM\/Concept\" href=\"http:\/\/www.symantec.com\/security_response\/writeup.jsp?docid=2000-121511-0820-99\" target=\"_blank\" rel=\"noopener noreferrer\">WM\/Concept<\/a> first virus to spread through\u00a0<a title=\"Microsoft\" href=\"http:\/\/www.microsoft.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft<\/a> (<a title=\"NASDAQ | MSFT\" href=\"https:\/\/www.google.com\/finance?cid=358464\" target=\"_blank\" rel=\"noopener noreferrer\">MSFT<\/a>) Word<\/li>\n<li>2000: First <a title=\"Denial-of-service attack\" href=\"http:\/\/en.wikipedia.org\/wiki\/Denial-of-service_attack\" target=\"_blank\" rel=\"noopener wikipedia noreferrer\">denial-of-service attack<\/a> discovered<\/li>\n<li>2008: <a title=\"Help protect yourself from the Conficker worm\" href=\"https:\/\/web.archive.org\/web\/20160222154806\/http:\/\/www.microsoft.com:80\/security\/pc-security\/conficker.aspx\" target=\"_blank\" rel=\"noopener noreferrer\">Conficker<\/a> infects 9-15 million Microsoft systems.<\/li>\n<\/ul>\n<p>These\u00a0<a title=\"Security\" href=\"http:\/\/en.wikipedia.org\/wiki\/Security\" target=\"_blank\" rel=\"noopener wikipedia noreferrer\">security breaches<\/a> triggered security developers to react with more advanced firewall technology:<\/p>\n<ul>\n<li>1998: Evasions researched<\/li>\n<li>2009: Native clustering for high availability and performance introduced<\/li>\n<li>2012: Software enabled security introduced, making blade technology obsolete.<\/li>\n<\/ul>\n<p>The <a href=\"https:\/\/en.wikipedia.org\/wiki\/Firewall_(computing)#First_generation:_packet_filters\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>first generation<\/strong> firewalls<\/a> were called <strong>Packet Filters<\/strong>. Packet Filter firewalls look at <a title=\"Network address\" href=\"https:\/\/en.wikipedia.org\/wiki\/Network_address\" target=\"_blank\" rel=\"noopener noreferrer\">network addresses<\/a> and ports of the packet and determine if that packet should be allowed or blocked based on rules programmed by humans. If a packet does not match the packet filter&#8217;s ruleset, the packet filter will drop or reject the packet, breaking the connection.<\/p>\n<p>The <strong>second generation<\/strong> firewalls do <a class=\"mw-redirect\" title=\"Stateful packet inspection\" href=\"https:\/\/en.wikipedia.org\/wiki\/Stateful_packet_inspection\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>stateful packet inspection<\/strong><\/a>. According to Wikipedia, second generation firewalls record all connections passing through it and determines whether a packet is the start of a new connection, a part of an existing connection, or not part of any connection. Though static rules are still used, these rules can now contain a\u00a0<i>connection state<\/i> as one of their test criteria.<\/p>\n<p><strong>Third-generation<\/strong> firewalls use\u00a0<strong><a class=\"mw-redirect\" title=\"Application layer firewall\" href=\"https:\/\/en.wikipedia.org\/wiki\/Application_layer_firewall\" target=\"_blank\" rel=\"noopener noreferrer\">application layer filtering<\/a><\/strong>\u00a0which can &#8220;understand&#8221; certain applications and protocols (such as\u00a0<a title=\"File Transfer Protocol\" href=\"https:\/\/en.wikipedia.org\/wiki\/File_Transfer_Protocol\" target=\"_blank\" rel=\"noopener noreferrer\">File Transfer Protocol<\/a> (FTP), <a title=\"Domain Name System\" href=\"https:\/\/en.wikipedia.org\/wiki\/Domain_Name_System\" target=\"_blank\" rel=\"noopener noreferrer\">Domain Name System<\/a> (DNS), or <a title=\"Hypertext Transfer Protocol\" href=\"https:\/\/en.wikipedia.org\/wiki\/Hypertext_Transfer_Protocol\" target=\"_blank\" rel=\"noopener noreferrer\">Hypertext Transfer Protocol<\/a> (HTTP)). This is useful as it is able to detect if an unwanted protocol is attempting to bypass the firewall on an allowed <a title=\"List of TCP and UDP port numbers\" href=\"https:\/\/en.wikipedia.org\/wiki\/List_of_TCP_and_UDP_port_numbers\" target=\"_blank\" rel=\"noopener noreferrer\">port<\/a>\u00a0or detect if a protocol is being abused in any harmful way.<\/p>\n<p><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-106948\" title=\"Next Generation Firewall\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/palo_ngfw.jpeg?resize=300%2C178&#038;ssl=1\" alt=\"Next Generation Firewall\" width=\"300\" height=\"178\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/palo_ngfw.jpeg?resize=150%2C89&amp;ssl=1 150w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/palo_ngfw.jpeg?resize=75%2C44&amp;ssl=1 75w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/palo_ngfw.jpeg?resize=768%2C455&amp;ssl=1 768w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/palo_ngfw.jpeg?w=896&amp;ssl=1 896w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><a title=\"Pat Calhoun, SVP at McAfee\" href=\"https:\/\/web.archive.org\/web\/20150510124724\/http:\/\/www.mcafee.com:80\/us\/about\/management\/pat-calhoun.aspx\" target=\"_blank\" rel=\"noopener noreferrer\">Pat Calhoun<\/a>, SVP at McAfee, explained in a <a title=\"InfoSecurity article\" href=\"https:\/\/www.helpnetsecurity.com\/\" target=\"_blank\" rel=\"noopener noreferrer\"><em>Help Net Info<\/em><\/a> article that it was not until 2009 when the <strong>fourth generation firewall<\/strong> we know and love began to evolve. In 2009 Gartner published its definition and a paper on &#8220;<a title=\"Defining the Next-Generation Firewall\" href=\"https:\/\/web.archive.org\/web\/20170830012443\/http:\/\/www.bradreese.com\/blog\/palo-alto-gartner.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">Defining the Next-Generation Firewall<\/a>. (PDF)&#8221; According to its definition, NGFWs are:<\/p>\n<p style=\"text-align: justify; padding-left: 30px;\">&#8230;deep-packet inspection firewalls that move beyond port\/protocol inspection and blocking to add application-level inspection, intrusion prevention, and bringing intelligence from outside the firewall.<\/p>\n<p>In its paper, the Gartner authors explain that &#8220;Firewalls need to evolve to be more <strong>proactive<\/strong> in blocking <strong>new threats<\/strong>, such as<strong> botnets<\/strong> and targeted attacks.&#8221; Mcafee&#8217;s Calhoun points out that NGFW discussions started in 2003 but the technology really didn\u2019t get on the right track until Gartner defined it in 2009.<\/p>\n<p>&nbsp;<\/p>\n<p><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-106950 size-large\" title=\"Intel 25th Anniversary of the Firewall infographic\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/infographic-history-firewall-general.jpg?resize=411%2C1024&#038;ssl=1\" alt=\"Intel 25th Anniversary of the Firewall infographic\" width=\"411\" height=\"1024\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/infographic-history-firewall-general.jpg?resize=411%2C1024&amp;ssl=1 411w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/infographic-history-firewall-general.jpg?resize=30%2C75&amp;ssl=1 30w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/infographic-history-firewall-general.jpg?resize=60%2C150&amp;ssl=1 60w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/infographic-history-firewall-general.jpg?resize=768%2C1914&amp;ssl=1 768w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/infographic-history-firewall-general.jpg?w=1200&amp;ssl=1 1200w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/infographic-history-firewall-general.jpg?w=960&amp;ssl=1 960w\" sizes=\"auto, (max-width: 411px) 100vw, 411px\" \/><\/p>\n<p><strong><em>rb-<\/em><\/strong><\/p>\n<p><em>Future NGFW development efforts need to integrate application control, <a title=\"Intrusion prevention system\" href=\"http:\/\/en.wikipedia.org\/wiki\/Intrusion_prevention_system\" target=\"_blank\" rel=\"noopener wikipedia noreferrer\">IPS<\/a>, and evasion prevention into a single, purpose-built box with enterprise-scale availability and manageability solution.<\/em><\/p>\n<p><em>Back in the day, 2000, I managed a <a href=\"https:\/\/www.checkpoint.com\/products-solutions\/all-products\/\" target=\"_blank\" rel=\"noopener noreferrer\">Checkpoint<\/a> firewall IPSO ver 3.0 on a Nokia appliance (IP300?). The thing was the network had been up and running for 3 years and included over 3,000 devices before the Checkpoint was put in. Can&#8217;t get away with that now, \u00a0a naked PC on the Innertubes will be compromised within <a href=\"http:\/\/usatoday30.usatoday.com\/money\/industries\/technology\/2004-11-29-honeypot_x.htm\" target=\"_blank\" rel=\"noopener noreferrer\">minutes<\/a> to <a href=\"http:\/\/it.slashdot.org\/story\/08\/07\/15\/0123245\/estimating-the-time-to-own-of-an-unpatched-windows-pc\" target=\"_blank\" rel=\"noopener noreferrer\">hours<\/a>, according to those who know that kind of stuff.\u00a0<\/em><\/p>\n<p><em> The most vivid recollection of setting the thing up was just randomly mashing on the keys to create the first key. Other network guys were amazed because apparently, this was the first firewall many had seen with a GUI to configure the rules.<\/em><\/p>\n<p><em>I also remember learning the hard way that Deny All goes at the bottom of the list, not the top.\u00a0<\/em><\/p>\n<h6>Related articles<\/h6>\n<ul>\n<li>Enterprise Firewall Market: Global Forecast to 2019 by Professional Services (mynewsdesk.com)<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><em><a title=\"Ralph Bach\" href=\"https:\/\/rbach.net\/index.php\/new-resume\/\" target=\"_blank\" rel=\"noopener noreferrer\">Ralph Bach<\/a>\u00a0has been in IT long enough to know better and has blogged from his\u00a0<a title=\"Bach Seat\" href=\"https:\/\/rbach.net\/\" target=\"_blank\" rel=\"noopener noreferrer\">Bach Seat<\/a> about IT, careers, and anything else that catches his attention since 2005. You can follow him on <a class=\"broken_link\" href=\"http:\/\/www.linkedin.com\/in\/rb48334\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">LinkedIn<\/a>,\u00a0<a href=\"https:\/\/www.facebook.com\/ralph.bach.14\" target=\"_blank\" rel=\"noopener noreferrer\">Facebook<\/a>,\u00a0and\u00a0<a href=\"https:\/\/twitter.com\/rbach48334\" target=\"_blank\" rel=\"noopener noreferrer\">Twitter<\/a>. Email the Bach Seat\u00a0<a href=\"mailto:\/\/bach.seat@gmail.com\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The firewall is 25 and evolved with each high-profile security event the next gen must be better with integrated app control IPS &#038; evasion prevention<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[2292,2635,2192,768,85,1247,404,82,421,2274,2633,4,2634],"class_list":["post-70992","post","type-post","status-publish","format-standard","hentry","category-security","tag-2292","tag-application-layer-filtering","tag-computer-security","tag-denial-of-service-attack","tag-gartner","tag-it","tag-mcafee","tag-microsoft","tag-msft","tag-next-generation-firewall","tag-packet-filter","tag-security","tag-stateful-packet-inspection"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/70992","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/comments?post=70992"}],"version-history":[{"count":16,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/70992\/revisions"}],"predecessor-version":[{"id":132663,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/70992\/revisions\/132663"}],"wp:attachment":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/media?parent=70992"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/categories?post=70992"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/tags?post=70992"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}