The evolution of the internet and the development of the firewall go hand in hand. Years of research from multiple vendors have sculpted the firewall into its current shape.
Today’s next-generation firewalls (NGFWs) have a much more complicated job than their predecessors. 25 years ago, firewalls simply allowed or restricted outside access to particular network resources by monitoring ports and IP addresses.
To meet a rapidly changing threat landscape, firewalls have matured from plain packet filters to elementary stateful packet inspectors and then into the next-generation firewall of today. Firewalls now enforce network security policies, log Internet activity and secure an organization from outside threats. While they still inspect and filter data packets, they do the same for web traffic. As such, they are able to identify which applications are being used and which users are responsible for certain traffic.
However, this focus on visibility of applications and users has shifted recently with the massive advances in malware. Traditionally, viruses and bots could be detected with an anti-virus, anti-bot or IPS solution. Unfortunately, these solutions are hardly effective at all against the latest malware and zero-day attacks (e.g. ransomware). Sandboxing solutions offer a great alternative here. The isolated test environment, in the cloud or on premises, can execute potentially malicious files without causing any harm to the network.
For the future, we see a move to more virtual firewalls and sandboxing solutions, as well as an immense rise in mobile malware, putting the endpoint in the firewall's spotlight.