When discussing business-class networking hardware, the nomenclature tends to get convoluted. One point of confusion among networking professionals occurs when discussing security appliances. What is the difference between a router and a gateway? What about a security gateway and a firewall or UTM?
Some pros will tell you it’s all the same, and the naming conventions are OEM marketing mumbo-jumbo. There is some truth there. However, it is important to understand that distinctions do indeed exist, and we can ferret these out by placing each in the context of a business network as a whole.
When are modems and routers called gateways?
Back in the good old days, networking professionals called combo modem-router devices gateways. Some still do. In fact, your ISP probably uses “gateway” in a similar sense to describe the piece of home networking equipment the technician installs for you.
High-speed cable modems have a coaxial input and one or more RJ-45 Ethernet outputs. This legacy definition of a gateway is still valid. In fact, from a strict technical interpretation it’s a gateway more so than a “modem,” which is actually an outdated term.
As a computer term, “modem” is short for “modulator-demodulator.” Modems demodulated the analog signal from a telephone line into digital information that computers could consume, and modulated outgoing data back into analog for retransmission over phone lines. Today’s broadband connections involve different technology, but the term “modem” was etched in the collective consciousness as the device that connects our computers to the big WAN (the internet), so we kept it.
Historically, a gateway is any hardware that regulates network traffic between two separate networks. Your one-piece modem-router? That is a gateway. A router in and of itself is also a gateway: routers receive traffic from the WAN and direct it across the LAN. This makes the router a gateway between two networks.
When is a router not a gateway?
So, like a gateway modem, a router regulates network traffic between two or several separate networks. A simple four-port wireless router has two network interface cards (NICs): one connects to the WAN port running out to the modem, and one or more internal NICs serve the LAN ports and wireless antennas. This is why routers have two IP addresses.
In a business setting, IT administrators configure routers to segment traffic on the company network. This gives endpoints on the network more direct lines of communication, reducing the amount of traffic flowing across the network as a whole, which serves overall performance and has security benefits.
Since subnetworks and virtual networks within a LAN are not dissimilar networks, we wouldn’t say the router is acting as a gateway in this regard. A gateway can be used like a router to reduce network traffic, but routers are much better at that.
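The distinction drawn in this section can be expressed as a small classifier. This is an added example, not part of the original article; the addressing plan (documentation and private ranges) and the names `segment_of` and `classify` are constructed assumptions.

```python
import ipaddress

# Constructed addressing plan (assumption, not from the article):
# one WAN-facing interface and two internal segments on the same router.
WAN = ipaddress.ip_interface("203.0.113.2/30")
LAN = {
    "staff": ipaddress.ip_interface("10.0.10.1/24"),
    "guest": ipaddress.ip_interface("10.0.20.1/24"),
}

def segment_of(addr):
    """Return the internal segment name holding addr, or None if it is outside the LAN."""
    ip = ipaddress.ip_address(addr)
    for name, iface in LAN.items():
        if ip in iface.network:
            return name
    return None

def classify(src, dst):
    """Return (role, egress_ip): the role the device plays for this packet and
    the router address the packet leaves through (None if it is not forwarded)."""
    s, d = segment_of(src), segment_of(dst)
    if s is None and d is None:
        return ("not-forwarded", None)      # neither end is on our LAN
    if s == d:
        return ("on-link", None)            # same subnet: hosts talk directly
    if s is not None and d is not None:
        return ("router", str(LAN[d].ip))   # internal subnet to internal subnet
    if d is None:
        return ("gateway", str(WAN.ip))     # LAN to WAN: crosses to a separate network
    return ("gateway", str(LAN[d].ip))      # WAN to LAN: inbound across the same boundary

if __name__ == "__main__":
    for pair in [("10.0.10.5", "10.0.10.9"), ("10.0.10.5", "10.0.20.7"),
                 ("10.0.10.5", "198.51.100.8"), ("198.51.100.8", "10.0.20.7")]:
        print(pair, "->", classify(*pair))
```

Only the "router" and "gateway" cases pass through the device, so those are the flows where segmentation rules and perimeter filtering can be enforced.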
Today’s web security gateways are actually firewalls
For our purposes, distinguishing between a firewall and a web security gateway is probably the more useful part of this narrative if you’re interested in securing a network for a place of business.
In the modern networking vernacular, there’s significant overlap between the feature set of what are called UTMs and firewalls, and what some vendors designate as a web security gateway.
First, the basics. What we call a hardware firewall is a security appliance that sits between the modem and the router. It might be a standalone piece of hardware, or built into the router itself. Or, using virtualization, you can set up a virtual server to act as a router, and if you install antivirus security software you could call that a firewall as well. It performs the same tasks that a dedicated hardware firewall would.
For the sake of simplicity, consider a modern business-grade hardware firewall as a router with built-in security features. So, like any router, it sits at the network perimeter and directs traffic. Like any router in this position, it is also a gateway. In this role, the firewall within the router inspects packets and selectively filters out known malicious attributes in network communications. The firewall can be custom-configured by IT to perform web content filtering and to block access to other parts of the network on a user-by-user basis.
Secure web gateway is a firewall with advanced reporting
A secure web gateway usually has more robust content filtering and application control than a UTM or Next Generation Firewall would. Since reporting is an important part of the job for security admins, many secure web gateways have a robust reporting platform. It might help to think of a secure web gateway as a superset of a UTM, which might be lacking in how granular you can get with application-level filtering and with reporting on user behavior and web browsing.
If you’re a business, you absolutely 100 percent need some kind of firewall protection on your network. Whether a secure web gateway would benefit your network administration usually is connected to your Human Resources department and their reporting requirements. If your company wants to keep user activity closely monitored and reported, a secure web gateway stands to add value to your workflow.