I'm thinking about going with a security vendor for hosted sites on my VPS, and I'm having a hard time understanding something. (Yes, I know this is OSI terminology, and the sites in question are basic dental and medical practice websites with no eCommerce and no private info (SSN, etc.).)
Their basic plan has a Layer 7 firewall (and I get that that's HTTP, HTTPS, etc.), but their advanced plan has Layer 3/4 coverage as well (and I get that that is IP and TCP/UDP).
1) What I don't understand is the big picture — does a Layer 7-only firewall ignore problems with Layer 3/4? Is packet inspection skipped?
2) And if so, how necessary is a layer 3/4 firewall if you already have a layer 7 in place?
If there's a book or resource I can read to understand this, that would also be great. I want to understand what I'm doing before I make a purchase!
Best Answer
It sounds like you're getting a bit of misleading jargon. The technical definitions for these types of firewalls are:
Since the proper definitions don't line up with their pricing scheme, I think they're using Layer 7 as a (technically incorrect) reference to a software firewall running on your VPS. Think along the lines of iptables or Windows Firewall. Should you pony up the extra fees, they'll put your VPS behind a proper network firewall. Maybe.
If they can't be bothered to use proper terminology when describing their VPS solution to potential customers, I'd question their competence in other areas as well.