Firewalls Ready for Evolutionary Shift

interesting read.

 

I assume that this doesn´t apply to home user firewalls? Perhaps a stupid question but I´m not exactly an expert when it comes to firewalls. To me a firewall needs to offer good inbound and outbound protection, but data control would be a nice extra.

 

What are we actually looking at with this article?

Let me explain my question.

With home firewalls (such as what we see,... ZA, OP, OA, jetico (to mention only few) etc), we see application control. these will allow applications to connect out (or not) based on user rules. Most high end firewalls (for gateway~ use by companies etc) put forward filtering via protocol, some as with application layer protocol control.

Per application as been available for the home user for a long time, but does not reflect/give actual layer/per protocol control to a depth of actual protocol protection differentiation.

Basically: Do you know what applications are making connections. As put forward in the artical, all apps will be making HTTP,.. so what,... we can control this with basic firewalls.

Maybe I have read it incorrectly??

 

The article is all about enterprise/perimeter firewalls.
Personally, I don't want Deep Packet Inspection to be performed at hosts.
I really like the UTM solutions available today for free, so I do "DPI" at the gateway level and "classic" packet filtering (with binding to applications) on the hosts.

 

Wow, what an article! So, why wouldn't the home user be affected by this? Many people own small businesses, or have the ability to connect to where they work? Businesses and home users alike should be insterested in this. I'm curious if companies like Comodo, for example, have any of this change in their firewall? Mind you, I am by no means a techi, so I could be misinterpreting this whole thing. Is this one of the reasons why people are trying to understand and use HIPS programs?

 

I thought this was already being done, like Zorp etc.

 

This is old news. Application specific hw firewalls (deep packet inspection combined with stateful packet inspection) have been sold for years already. Maybe they are now finally gaining ground on a larger scale.