No matter what size your business is, network security is one of the most important considerations when working over a local area network (LAN) or the internet. Gateways and firewalls are vital to the detection of and response to potential security risks.
So what are a gateway and firewall? What do they do and how are they different? We will answer these questions in this article.
What is a gateway?
A gateway is a network hardware device (or network node) that connects a remote network to a host network. The gateway is the entry and exit point—meaning all data must pass through and communicate with the gateway in order to use routing paths. Computers and routers are the most common gateways.
There are two types of gateways: unidirectional and bidirectional. Loyola University Chicago’s T4 Tutorial site defines these two gateway types as follows:
The unidirectional gateway allows alerts to send in only one direction. The changes occurring in the source ObjectServer are copied in the destination ObjectServer or application, but when changes are made in the destination ObjectServer or application, these changes are not copied in source ObjectServer. Unidirectional can be treated as archiving tools.
Bidirectional gateway provides permission to send an alert from the source ObjectServer to the target or exact destination ObjectServer or application and also provides a reply to the source ObjectServer.
In a bidirectional gateway configuration, the changes formed in the content of a source ObjectServer are copied in a destination ObjectServer or application, and the destination ObjectServer or application copies its alerts in the source ObjectServer. Bidirectional gateways can be treated as synchronization tools.¹
How does a gateway work?
Techopedia explains the process as follows:
The gateway (or default gateway) is implemented at the boundary of a network to manage all the data communication that is routed internally or externally from that network. Besides routing packets, gateways also possess information about the host network’s internal paths and the learned path of different remote networks. If a network node wants to communicate with a foreign network, it will pass the data packet to the gateway, which then routes it to the destination using the best possible path.²
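The forwarding decision described above, as an added example that is not from the original article or from Techopedia. "Best possible path" is modelled here as longest-prefix match with a default route; route metrics are omitted, and every address, prefix and function name is constructed for illustration.

```python
import ipaddress

# Constructed routing table for a hypothetical gateway: (destination prefix, next hop).
# 0.0.0.0/0 is the default route, used when nothing more specific matches.
ROUTES = [
    ("192.168.10.0/24", "direct"),    # host network, delivered locally
    ("10.20.0.0/16", "10.0.0.2"),     # learned path to a remote network
    ("10.20.30.0/24", "10.0.0.3"),    # more specific path inside that /16
    ("0.0.0.0/0", "203.0.113.1"),     # default route toward the upstream network
]
TABLE = [(ipaddress.ip_network(prefix), hop) for prefix, hop in ROUTES]


def next_hop(dst, table=TABLE):
    """Gateway side: pick the next hop for dst by longest-prefix match.

    Returns None when no route (not even a default) covers the destination.
    """
    addr = ipaddress.ip_address(dst)
    candidates = [(net, hop) for net, hop in table if addr in net]
    if not candidates:
        return None
    # The most specific (longest) matching prefix wins.
    return max(candidates, key=lambda c: c[0].prefixlen)[1]


def host_sends_to(interface, dst, default_gateway):
    """Host side: deliver on-link if dst is in the local subnet,
    otherwise hand the packet to the default gateway."""
    local_net = ipaddress.ip_interface(interface).network
    return "on-link" if ipaddress.ip_address(dst) in local_net else default_gateway


if __name__ == "__main__":
    for dst in ("192.168.10.5", "10.20.30.7", "10.20.99.1", "8.8.8.8"):
        print(dst, "->", next_hop(dst))
    print(host_sends_to("192.168.10.5/24", "198.51.100.4", "192.168.10.1"))
```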
The Pros and Cons of Using a Gateway
Pros:
- Connectivity: A gateway expands a network by connecting different systems.
- Security: Differing forms of security, such as a user ID and password, can be put on a gateway to guard against unwanted access.
- Filtering: A network gateway can control collision and broadcast domains.
- Protocol Conversion: Gateways are also called “protocol converters,” as they can convert the data format to align with a destination’s differing architecture needs.
Cons:
- Implementation: Generally, gateways are installed in routers by default. Therefore, it is difficult and expensive for network administrators to install or configure them.
- Time Delays: Since information must be translated when using a gateway, there will always be some time delay. Also, gateways must return any cache information that has not cleared correctly, taking some more time.
- Connection failure: Any connection difficulties will result in a loss of communication.
- Troubleshooting: Computers on a network with differing protocols will have to be troubleshot individually.
What is a firewall?
A firewall monitors incoming and outgoing network traffic. Following pre-set security rules, a firewall decides whether to allow or block data traffic. It does this by creating a barrier between incoming traffic from external sources (e.g., the internet) and the internal network—thus blocking malicious traffic like viruses and hackers.
A firewall can be implemented as software or hardware; we recommend you use both. A software firewall is a program installed on each computer and prevents unauthorized access through ports (entry points) and applications. A hardware firewall is a piece of equipment that is installed.
There are eight different types of firewalls:
- Packet-filtering firewalls: This is the oldest and most basic firewall type. This firewall performs a simple check of the data packets coming through the router.
- Circuit-level gateways: This simple firewall verifies the transmission control protocol (TCP) handshake to make sure packets are legitimate.
- Stateful inspection firewalls: These firewalls incorporate both packet inspection and TCP handshake verification.
- Proxy firewalls: These firewalls operate at the application layer to filter incoming traffic and are delivered via the cloud or another proxy device.
- Next-generation firewalls: Common features of this type of firewall include deep-packet inspection, TCP handshake verification, surface-level packet inspection, and intrusion prevention systems (IPSs).
- Software firewalls: These firewalls create in-depth defense by isolating network endpoints from each other.
- Hardware firewalls: These firewalls are excellent at perimeter security, ensuring that malicious traffic is intercepted before network endpoints are at risk.
- Cloud firewalls: These firewalls are also called FaaS (firewall-as-a-service). Cloud-based firewalls are easy to scale; as your company’s needs grow, you can add additional capacity to the cloud server.
How does a firewall work?
DifferenceBetween.net describes how a firewall works as follows:
Firewalls typically inspect the packets and monitor the connection, and then filter connections based on the packet inspection results. Packet inspection determines whether the packet should be permitted or denied based on the pre-defined access policy. It may involve inspection of multiple elements such as IP address, destination IP address, source port, destination port, IP protocol, and packet header information.³
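To make the packet-inspection step and the packet-filtering versus stateful-inspection distinction from the list of firewall types concrete, here is an added example (not from the original article or from DifferenceBetween.net). The policy, addresses and names are constructed, and connection state is tracked by 5-tuple only, without modelling TCP handshake flags.

```python
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "src dst sport dport proto")
Rule = namedtuple("Rule", "action src dst dport proto")  # None in dport/proto = any

# Constructed access policy, evaluated top-down; the first matching rule wins.
POLICY = [
    Rule("deny", "198.51.100.0/24", "0.0.0.0/0", None, None),  # blocked source range
    Rule("allow", "0.0.0.0/0", "192.0.2.10/32", 443, "tcp"),   # public HTTPS server
    Rule("allow", "192.0.2.0/24", "0.0.0.0/0", None, None),    # internal hosts outbound
]


def matches(rule, pkt):
    """Compare the packet's header fields against one rule."""
    return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and rule.dport in (None, pkt.dport)
            and rule.proto in (None, pkt.proto))


def stateless_verdict(pkt, policy=POLICY):
    """Packet filtering: judge each packet on its own; default deny."""
    for rule in policy:
        if matches(rule, pkt):
            return rule.action
    return "deny"


class StatefulFirewall:
    """Stateful inspection: also permit replies to connections the policy allowed."""

    def __init__(self, policy=POLICY):
        self.policy = policy
        self.connections = set()  # (src, sport, dst, dport, proto) of allowed flows

    def verdict(self, pkt):
        # A reply has source and destination swapped relative to a tracked flow.
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto) in self.connections:
            return "allow"
        action = stateless_verdict(pkt, self.policy)
        if action == "allow":
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto))
        return action
```

The stateless filter rejects the reply to an outbound request unless a broad inbound rule is added for it, while the stateful firewall admits only replies that match a flow it has already allowed.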
The Pros and Cons of Using a Firewall
Pros:
- Traffic monitoring: If a firewall detects any threats (from viruses to trojans to hackers), it will block them immediately.
- Access control: Certain hosts and services can be suspect because they are vulnerable to security breaches. Firewalls have an access policy which can be enforced to block these unreliable hosts.
- Privacy: When using a firewall, the domain name system (DNS) information is blocked; hence the network’s name and IP address are not visible to attackers.
Cons:
- Cost: Depending upon which firewall you use, it can be rather expensive. Generally, hardware firewalls are more costly than software firewalls. In addition, hardware firewalls require both installation and maintenance fees. Conversely, software firewalls are easy to install and deploy.
- User restrictions: As firewalls prevent unauthorized access, large organizations may find this to be a problem. Strict access rules sometimes prompt employees to use “backdoors” as a shortcut, which can lead to security problems.
- Performance: Software firewalls constantly run in the background and consume both processing power and random-access memory (RAM). However, hardware firewalls do not impact system performance.
- Malware attacks: It is important to note that firewalls have been proven ineffective against some types of malware. Therefore, it is highly recommended that anti-malware software be installed on all PCs.
Summing Up: A List of the Key Differences Between a Gateway and a Firewall
1. The simplest difference between a gateway and a firewall is that a gateway is only hardware, while a firewall can be either hardware or software.
2. A gateway is used to link two separate networks together, allowing users to communicate across several networks. In contrast, a firewall secures a network by deciding which data packets are allowed to pass through a network.
3. The cost of the installation of a unidirectional gateway is usually a one-time cost. In contrast, installing a firewall is more complicated and includes hidden fees like Windows Server Update Services (WSUS) and interface nodes.
Both gateways and firewalls are essential security solutions to any organization’s network architecture. Their technology and capabilities will continue to evolve over the next few years.
¹ T4 Tutorials: Unidirectional and Bidirectional Gateway—Types and Uses
² Techopedia: Gateway
³ DifferenceBetween.com: Difference Between Gateway and Firewall