paloalto logo
strata logo

The Evolution of Firewalls:

From Simple Packet Filtering to Machine Learning-Powered Next Generation Technology
Get the e-book
IN THE EARLY DAYS OF NETWORK COMPUTING
A firewall was defined as a tool for monitoring and controlling the flow of data traffic in and out of a network based on a set of filtering rules applied to data packets.
While it might have been appropriate at the time, this primitive tool was totally ​reactive​. As networks have evolved, so too have firewalls which have now become more ​proactive.

Let’s take a look at how we got here

Following the evolution of firewalls from the earliest generation of packet filtering devices to Unified Threat Management (UTM) devices, through Next-Generation Firewalls (NGFW), to the most revolutionary firewalls yet: ML-Powered NGFWs:
The First Generation

Early Firewalls

  • Simple
  • Focused on inspection and filtering of packets
    sent into a network or system
  • “Stateful” filters keep track of connections between
    computers to judge packets
  • PROS: Easy to manage, straightforward use
  • CONS: Reactive and rules-based, easily defeated

The second Generation

Unified Threat Management

  • In part to respond to the rising need for application awareness in the 2000s, the second generation of firewalls added gateway antivirus, intrusion detection, and prevention capabilities
  • Inspected outbound traffic as well
  • Web proxy filtered content
  • Connected remote offices using Virtual Private
    Networks (VPNs)
  • Spam filters included
  • PROS:​ More robust functionality, offered better protection than early firewalls
  • CONS:​ Little to no integration between each function, security gaps, poor performance, complex policy management
The Third Generation

Next Generation Firewalls
(NGFW)

  • Palo Alto Networks develops the
    industry’s first NGFW in 2008.
  • Built around integrated capabilities
  • Uses awareness of apps, user identity, and
    content
  • Offers enhanced application visibility
    and control
  • Supports secure, encrypted traffic via
    SSL/TLS
  • Detects and prevents advanced
    attacks by identifying evasive
    techniques and automatically
    counteracting

PROACTIVE NGFWs

Proactive NGFWs
with Machine Learning

  • For the first time ever, machine
    learning now allows Palo Alto NGFWs
    to deliver proactive, real-time, and
    inline zero-day protection.
  • Identifies variants of known attacks,
    as well as many unknown
    cyberthreats
  • Provides complete device visibility,
    behavioral anomaly detection, and native
    enforcement to secure IoT devices
    without the need for additional sensors or
    infrastructure.
  • Serves up recommendations for policy
    improvements