on June 27, 2007
The firewall emerged two decades ago, ushering in the first wave of security technologies designed to protect IP networking. Intrusion detection systems and intrusion prevention systems followed the firewall. Unified threat management came on the security scene as a way to package existing technologies into an easier-to-deploy format. What follows is a timeline and discussion of the key developments.
1988: The Morris Worm
The Morris Worm, which hit NASA and several universities, sparked the development of the first firewalls. Those devices were IP routers with packet filtering capability, noted Alex Quinonez, vice president of Americas sales and support at Astaro, a perimeter security vendor.
1989: IDS Emerges
University and government research yields the first generation of intrusion detection system (IDS) technology. Early commercial products include Haystack Labs’ Stalker, which built upon developments in the public sector and academia.
1991: Packet and Circuit Firewalls
Digital Equipment Corp. rolled out the first application-layer proxy firewall, dubbed SEAL, in 1991. Bell Labs research spawned Raptor Eagle, a circuit-level firewall, a few months later.
1993: TIS Releases Source Code
Trusted Information Systems distributes its firewall toolkit as source code. Quinonez said that move sparked additional activity in the firewall market. A notable commercial offshoot was the Gauntlet firewall, which, after a series of acquisitions, ended up with Secure Computing Corp. in 2002.
1993: Inventing the Wheel
The Air Force begins deploying its Automated Security Incident Measurement system. Two years later, Air Force developers found WheelGroup, which launches the NetRanger IDS system.
Domenick Lionetti, vice president of sales for ExaProtect, a security management vendor, noted that Air Force projects helped launch IDS, but said the market didn’t take off until the latter half of the 1990s. Cisco acquired WheelGroup in 1998.
1994: Check Point and The Stateful Firewall
Check Point Software debuted Firewall-1, inaugurating the stateful firewall market. Dean Ocampo, product marketing manager for Market Intelligence and Web Security at Check Point, said the emergence of stateful firewalls represented a middle ground between the performance of packet filtering firewalls and the intelligence and demarcation of proxy firewalls. Following the Firewall-1 introduction, Check Point turned its attention to developing a more intuitive management interface. Early firewalls were command-line driven.
1998: Snort Debuts
Martin Roesch creates the open source IDS Snort, which is now considered the most widely deployed IDS/IPS in the world.
1998-2000: IPS Arrives
Industry begins to recast IDS as Intrusion Prevention Systems (IPS), as products such as Network ICE’s BlackICE hit the market.
2003: Attack of the Worms
Slammer and Blaster hit corporate networks in a banner year for worms and other malware. Ocampo said this development “drove an outcry for a smarter firewall and things like intrusion prevention.”
2004: UTM Defined
IDC is credited with coining the phrase “unified threat management” to describe products that combine the functionality of firewalls, IDS/IPS, and other network protection gear in a single appliance.
David Frazer, director of technology services at anti-virus vendor F-Secure, said the emergence of UTM coincided with the rise of blended security threats.
Lionetti said the impetus for combining security functions in one box dates back to the late 1990s, when Cisco began offering encryption in its routers. Astaro and Fortinet, two of the current leaders in the UTM market, were actually founded in 2000.
2006-2007: Consolidation
IBM purchases IDS/IPS vendor Internet Security Systems for $1.3 billion; Secure Computing Corp., which markets UTM appliances among other products, acquires messaging security vendor CipherTrust Inc.; SonicWall, also in the UTM space, acquires e-mail security provider MailFrontier; Check Point purchases NFR, an IPS vendor.