Attacks drive firewall demand

In the SSL/CW list of top IT skills, firewalls are number 28

In the SSL/CW list of top IT skills, firewalls are number 28.

What is it?

Firewalls control the interchange of traffic between one network and another. Usually this means protecting a private network from being exposed to potential threats from a public network such as the internet, but firewalls are also used to create discrete sub-networks that prevent different departments from intruding on one another's turf.

Their primary function is to intercept viruses and prevent unauthorised access, and they can also be configured to block security leaks and restrict access to inappropriate addresses by internal users.

Where did it originate?

IP routers with manually-administered filtering rules have been around since the mid-1980s. The first commercial firewall product was DEC's Secure External Access Link, released in 1991. Others followed, but the market really took off with Checkpoint's Firewall-1 in 1994, the first product with a simplified icon and mouse user interface.

What is it for?

Most products offer a combination of firewall and virtual private network features.

Firewalls may be shipped as dedicated hardware platforms or as software only. Firewalls use various techniques, from confining traffic to approved addresses (or maintaining a blacklist of dodgy addresses) to what is known as "deep packet inspection", which monitors the contents of data packets.

Dedicated firewall hardware tends to be faster than the software-only kind and firewalls based on application-specific integrated circuits can be even faster.

However, firewalls can create performance bottlenecks and there is also a risk of false positives impeding legitimate traffic. Firewalls are increasingly able to manage themselves dynamically using powerful algorithms, but skilled administrators are needed to balance security with acceptable throughput.

What makes it hot?

Worldwide spending on dedicated firewall and IP virtual private network equipment grew by 18% in 2002 in the wake of the 11 September terrorist attacks. Gartner estimates that 75% of this was spent on firewalls and predicts that shipments will grow by 30% a year until 2006.

How difficult is it to master?

You will need to be familiar with the required operating system and network and with TCP/IP.

Most suppliers' firewall courses take four to five days, although some eke their training out expensively over two or three courses before you are ready to take certification exams.

Where is it used?

Firewall sales figures show that cyberterror attacks are being taken much more seriously, with small and medium-sized enterprises seeing themselves as just as vulnerable as larger corporations.

Don't confuse...

Deep packet inspection with rummaging through a bag of boiled sweets for the nice blackcurrant ones.

What systems does it run on?

Cisco, Checkpoint and Nokia have 60% of the world firewall market between them. Cisco alone has nearly 35%. NetScreen is runner-up with 10%.

What is coming up?

There will be growth in personal firewalls and secure sockets layer-based VPNs as hackers move from targetting servers to mass attacks on client PCs using HTML-formatted e-mail.


Most firewall training comes from suppliers, although supplier-neutral training can be had from security specialists. Try the systems security certified practitioner exam from ISC2, or the BCS IS Examinations Board's information security management certificate.

Rates of pay

Technical support positions can receive salaries from £28,000 and security consultants and analysts can look for £40,000 or more.

Read more on IT risk management