The history of firewalls dates back to the late 1980s. Their evolution was not necessarily dictated by technological revolutions, rather was imposed by the philosophy of designing and architecting security at the gateway level; it went down to the market demand.
Technology offering strong security was present from the early years but did not catch. Instead a model offering lesser security but better usability and performance emerged as a dominant force in the firewall market. This has slowly evolved surrounded by niche players.
Timeline of firewalls evolution
We can view in the below timeline major events that occurred in the history of firewalls:
Quickly explaining what happened:
- The first firewalls were routers with filtering rules in the late 1980s.
- Between 1989 and 1994 there is a little boom in firewall research and the firewall market appears along with the first commercial firewalls.
- The static packet filter represents a first generation of firewalls; Jeff Mogul’s screend was an example in 1989.
- Steve Bellovin and Bill Cheswick from AT&T Bell Labs came with a circuit relay firewall in 1991, probably the first form of stateful packet inspection firewall. Stateful packet filters firewalls are called by some second generation firewalls.
- Marcus Ranum invents the application proxies and DEC SEAL, the first commercial firewall, appears in 1991 using them. At this stage, we can speak about the third generation of firewalls, application gateways or proxy firewalls. Furthermore, with DEC SEAL we already have a hybrid firewall, as a combination of application proxies and packet filters is used.
- In 1994, Check Point debuts Firewall-1, a stateful inspection firewall with a GUI; basically it’s a stateful packet inspection firewall with some application layer intelligence. It’s an alternative to the proxy firewalls. It has the advantage of being fast due to the light inspection, easy to use and can control all network traffic as it does not need a proxy for each application. Stateful inspection firewalls can be called fourth generation firewalls.
- In addition to filtering, firewalls start to incorporate more features like VPN, first called firewall-to-firewall encryption and introduced by the ANS Interlock firewall. Other features like QoS, URL screening or antivirus scanning are added too.
- Main firewalls are hybrid firewalls, incorporating both stateful inspection and proxies. The stateful inspection dominates and other vendors follow the trend initiated by Check Point. Proxy firewalls are niche players.
- In the late 1990s, specialized application firewalls protecting applications appeared also as niche players; the early WAFs.
- With the incorporation of new features we began the transition to UTMs and DPI; the UTM term was coined in 2004 by IDC. They are the result of more security and control being needed for cleaning the traffic from threats. In 2003 we see many vendors launching “all-in-one” security products.
- Also in 2003, Gartner starts speaking about Next Generation Firewalls.
- UTMs may control web traffic per users with the help of a web proxy.
- In parallel with the firewall evolution: in 1996 Squid proxy appears; in 1998 Snort IDS is created; in 1999 the first commercial IPS Network ICE's BlackICE IPS debuts. Squid and Snort will be integrated into many UTMs over the time.
- After 2004 the UTM market and UTM products evolve. UTMs are plagued by performance issues and the limitation of the level of inspection into the application layer. More and more the term DPI is used.
- In 2006, WAFs are defined with the help of the Web Application Security Consortium. As time goes by, they will become a stronger presence on the market.
- In 2008 Palo Alto Networks claim they have a Next Generation Firewall; this solves UTM’s performance issues and provides greater control and visibility into network traffic shifting the game into managing(identify, block, allow, monitor and shape) applications and their features per users.
- In 2009 Gartner defines the Next Generation Firewall.
- Today, 2012; the market for Next Generation Firewall is on the rise with a couple of vendors offering such gear; to name a few: Palo Alto Networks, SonicWALL or Fortinet. The specialized application firewalls market is also stronger, with many WAFs and Database Firewall vendors.