Evaluation Criteria for Enterprise Network Firewalls

Comparison and selection of enterprise network firewalls is a complex task requiring network designers to have detailed knowledge of firewall technology and detailed knowledge of network technology and next generation application requirements.

© 2014 Gartner, Inc. and / or its affiliates. You are prohibited from reproducing and distributing this publication without prior written permission. The information contained here comes from information sources believed to be reliable. Gartner disclaims any warranties regarding the accuracy, completeness or appropriateness of such information. Although Gartners' research may discuss legal issues related to information technology business, Gartner does not provide legal advice or services, so please do not interpret or use the investigation. Gartner assumes no responsibility for any errors, omissions, deficiencies, or interpretations of the information contained herein. The opinions contained herein are subject to change without notice.

Firewall In general, what is called a "firewall" is a dedicated defense system for a single computing device or computer network. By blocking or restricting network ports from viruses and hackers, we filter the data entering or leaving the computer or the network. It also acts as a barrier between trusted and untrusted networks by allowing only traffic defined in the firewall policy to enter the network. There are more utilities such as proxy firewall, stateful inspection firewall, integrated threat management (UTM) firewall, next generation firewall (NGFW), threat-centric NGFW as the first line of defense of your computer.

Computer firewall controls access between networks. It is usually composed of a gateway and a filter, and it depends on the firewall. Firewalls can also filter network traffic and block dangerous traffic. The firewall acts as an intermediate server between the SMTP connection and the Hypertext Transfer Protocol (HTTP) connection. The firewall imposes restrictions on network packets that are sent to and from the private network. Inbound or outbound traffic must pass through the firewall, allowing only permitted traffic to pass. The firewall creates checkpoints (borrowed from the same military terms of geographic features with combat restrictions), also called blocking points, between the internal private network and the public Internet. The firewall can create blocking points based on IP source and TCP port number. It also functions as an IPsec platform. The tunnel mode feature allows you to implement a VPN using a firewall.