When the internet was first launched on a mass scale back in the late 80s, it is understandable that the technology industry got more than a little excited – the way we communicate and thus the entire world around us was being changed for good. But there was one problem: the internet was not designed with security in mind.
It was not long, of course, before criminally minded people took advantage of this oversight, and the first internet virus was circulated in 1988. Thankfully, the security industry was hot on their heels, launching the first firewall in 1989. And thus began the ongoing battle between security experts and cyber hackers that has continued over the last 25 years.
Sectors that were deemed particularly vulnerable to network infiltration, such as the military and the financial industry, were the first to set up their defences, but the true threat of cybercrime was soon realised. These early firewalls relied on basic packet filtering using a simple rule: depending on where the packet was coming from and travelling to, it was either allowed to pass or blocked at the firewall.
The development of the proxy firewall was the next big innovation in the space, moving firewall security onto a four-step process. A request was received from a client behind the firewall and sent on to a server outside the firewall; the response was then read and returned to the client. These firewalls benefitted from the ability to track all client requests and manage all data coming in and out of the network. With the development of the application layer gateway (ALG) soon following, application servers could be separated and hidden from potentially malicious traffic.
However, it soon became apparent that the memory and processor resources this security system demanded were not economically feasible. As such, stateful inspection was launched to improve efficiency. The technology had an impressive ability to grow intelligently – each packet that passed helped to define the new rule set, enabling the firewall to become increasingly sophisticated over time.
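The difference between the early source-and-destination rule and stateful inspection can be seen in a short sketch. This is an added example, not code from the article or from any firewall product; the address ranges, packets and function names are constructed for illustration, and real stateful inspection also tracks protocol flags and timeouts, which are left out here.

```python
import ipaddress
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int

INSIDE = ipaddress.ip_network("10.0.0.0/8")  # constructed internal range

def is_inside(addr: str) -> bool:
    return ipaddress.ip_address(addr) in INSIDE

def stateless_allow(pkt: Packet, allow_inbound: bool) -> bool:
    """Early packet filter: the verdict depends only on source and destination."""
    if is_inside(pkt.src) and not is_inside(pkt.dst):
        return True            # outbound traffic passes
    if not is_inside(pkt.src) and is_inside(pkt.dst):
        return allow_inbound   # one static answer for every inbound packet
    return False

class StatefulFirewall:
    """Each outbound packet that passes adds an entry admitting only its reply."""
    def __init__(self) -> None:
        self.connections: set[tuple[str, int, str, int]] = set()

    def allow(self, pkt: Packet) -> bool:
        if is_inside(pkt.src) and not is_inside(pkt.dst):
            # Record the reverse 4-tuple that a legitimate reply will carry.
            self.connections.add((pkt.dst, pkt.dport, pkt.src, pkt.sport))
            return True
        return (pkt.src, pkt.sport, pkt.dst, pkt.dport) in self.connections

def demo() -> dict[str, list[bool]]:
    # Constructed sample traffic: a request, its reply, and an unsolicited packet.
    request = Packet("10.0.0.5", 40000, "203.0.113.10", 443)
    reply = Packet("203.0.113.10", 443, "10.0.0.5", 40000)
    unsolicited = Packet("198.51.100.7", 443, "10.0.0.5", 40000)
    traffic = (request, reply, unsolicited)
    fw = StatefulFirewall()
    return {
        "stateless_inbound_open": [stateless_allow(p, True) for p in traffic],
        "stateless_inbound_closed": [stateless_allow(p, False) for p in traffic],
        "stateful": [fw.allow(p) for p in traffic],
    }

if __name__ == "__main__":
    for name, verdicts in demo().items():
        print(name, verdicts)
```

The static rule either admits the unsolicited packet along with the reply or blocks both, while the stateful table admits the reply alone.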
Continuing on its steady rate of evolution, the firewall has continuously developed over the course of the past 25 years in response to advancements from hackers and cyber criminals. The term “Next Generation Firewall” is frequently used today to describe the most sophisticated developments of the technology. While the term was coined in 2008, the technology has continued to adapt to the latest threats ever since. In 2010, for example, the discovery of a new cyber threat known as Advanced Evasion Techniques (AET) led to the demand for further sophisticated firewall developments. The stealth-like threat, which enables hackers to bypass traditional firewalls using rarely used protocol properties in unexpected combinations, requires network administrators to employ ever-more sophisticated rules for access.
The next phase
While the firewall may still be going strong after 25 years, the security we see today is far removed from that of 1989 – having responded to a number of threats that have developed since. The key differentiator of today’s firewall is the need for “connected” security. Siloed solutions of the late 80s no longer suffice to defeat the sophisticated threats of today. Nonetheless, many enterprises continue to rely on a number of disconnected security elements, and this has seen large businesses suffering from high-profile breaches of late. While these enterprises may pass compliance and audit requirements with siloed solutions, a threat is simply able to bounce around the network until it finds a suitable vulnerability.
To prevent this from happening, today’s firewalls need to connect independent systems such as anti-virus, malware defence, global threat databases and security information systems. By aligning these security elements, the firewall is able to grow in intelligence – becoming increasingly sophisticated as more traffic passes.
While this is the most sophisticated advancement of today, security experts are of course always looking forward to the developments of tomorrow – keeping a constant eye on technology and threat developments to keep networks safe from harm. As such, we can expect to see a firewall in 25 years’ time that is unrecognisable from that of today.