In networks, firewalls monitor and control incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted, secure internal network and another outside network, such as the Internet, that is assumed not to be secure or trusted. Firewalls are often categorized as either network firewalls or host-based firewalls. Network firewalls are a software appliance running on general purpose hardware or hardware-based firewall computer appliances that filter traffic between two or more networks. Host-based firewalls provide a layer of software on one host that controls network traffic in and out of that single machine. Firewall appliances may also offer other functionality to the internal network they protect such as acting as a Dynamic Host Configuration Protocol (DHCP) or Virtual Private Network (VPN) server for that network. Disadvantageously, conventional firewalls, either network firewalls or host-based firewalls are physical devices located at the boundary between the internal network and the outside network (the Internet). That is, network firewalls are appliance-based at the network boundary, and host-based firewalls are on a single device. This scheme does not reflect the evolving network of cloud-based connectivity, Bring Your Own Device (BYOD), etc. For example, a road warrior, home user, or employee with their mobile device does not have the benefit of a network firewall outside of the internal network. Also, mobile devices and their associated operating systems may not allow host-based firewalls.
Thus, there is a need for next-generation firewall systems and methods that can adapt to the evolving network.