Published Apr 29, 2022 by Xiph
How do you keep uninvited guests and hackers from browsing your network? Enter the humble – firewall. It’s been the first frontline defence in network security for decades and is still used today to gatekeep traffic to digital devices and systems. But, how does a firewall work? Do businesses and home users need one? What’s the best type of firewall? Here’s everything you need to know.
What is a firewall?
A firewall is a program or hardware device that monitors and controls incoming and outgoing traffic to your network system based on predetermined security rules. It essentially establishes a barrier between your trusted network and an external, sometimes untrusted network, (such as the internet). Besides monitoring and filtering, a firewall can also block suspicious traffic to your computers, viruses, and other cyber threats. A firewall can be hardware, software, or a combination of both.
How does a firewall work?
A firewall usually sits between your network system’s perimeter and external networks. It allows you to accept and deny traffic/connections to and from your secure network (i.e. your computers and devices) based on configurations/rules set by you. In other words, a firewall checks that your incoming and outgoing traffic (data) meets a given set of criteria/rules. Think of it as a burly nightclub doorman inspecting all the traffic and data packets looking to enter your network and deciding who to let in based on pre-defined rules. Firewalls can also restrict access to only certain IP addresses and domain names, or can block traffic to a specific website or application (i.e. Facebook, Netflix, etc.) or TCP/IP port.
Here's how firewall rules work:
- Firewall rules examine information in individual packets.
- Rules are assigned directly to computers or to policies assigned to a computer or network system.
- You can turn a firewall rule off to temporarily allow some traffic that the rule denies.
- You can only turn rules on or off that you have created yourself.
How does a firewall protect against cyber threats?
A firewall blocks all unauthorised connections to your network (including those of hackers and cyber snoops) and even allows you to select which programs or applications can access the internet. Because a firewall controls all traffic coming into your network, it can detect possible cyber threats and malware that could impact your computers and systems. This means that any incoming traffic flagged by filters gets automatically blocked. Suspicious traffic leaving a network is also flagged, alerting IT staff to a possible compromise.
A firewall continuously scans packets for malicious code or attack vectors that have already been identified as established threats. If a data packet is flagged as a security risk, the firewall prevents it from entering the network or reaching your computer.
6 common types of firewalls
Here are the most common and widely used types of firewalls and key technologies:
- Proxy firewall: Also known as an application firewall or gateway firewall, this is the earliest type of firewall. A proxy firewall monitors information/data going in and out of your network. It serves as the gateway or ‘middle man’ to your network and can filter, cache, log, and control requests coming to and from your internet-connected devices to keep your network secure and free of intruders and viruses. A proxy firewall also limits the applications that a network can support.
- Stateful inspection firewall: Also known as dynamic packet filtering, a stateful inspection firewall tracks the state of all connections on the network to determine which network packets to allow through the firewall. This type of firewall allows or blocks traffic based on state, port, and protocol.
- Next-generation firewall (NGFW): With capabilities extending beyond simple packet filtering and stateful inspection of network traffic, NGFW is a third-generation and more sophisticated network security technology (hardware and software) that inspects a packet in its entirety (not just the packet header) but also a packet’s contents and source. This type of firewall provides advanced cyber threat intelligence and add-on functionality for application inspection as well as intrusion prevention and detection.
- Circuit-level gateway: Rather than inspecting individual packets, a circuit-level gateway assesses network protocol sessions including TCP handshakes across the network between devices inside and outside the firewall to determine whether the session is legitimate.
- Software firewall: This type of computer software operates from inside your computer via an application. It’s designed to filter incoming and outgoing traffic and prevent unauthorised access to your network and protect you from external malicious attacks.
- Hardware firewall: This is a physical device (or a set of physical devices) that also acts as a network boundary to filter both inbound and outbound traffic to your network and prevent external malicious threats.
Do businesses need a firewall?
A firewall is a fundamental requirement for any business or organisation that connects to the internet. It’s designed to block unauthorised connections from entering your network, and to prevent cyber intrusions and malware including viruses, worms, DDoS attacks, and more. A firewall is just another line of defence to protect your private business information and data.
Just keep in mind that a firewall is not an all-in-one cyber security solution and should be used in conjunction or to complement other layers of security; including anti-virus software, VPNs, multi-factor authentication (MFA), and encryption tools. Make sure to always back up your business data and systems.
Do home users need a firewall?
Home users also need a firewall to monitor connections and traffic into their home network. If in doubt, remember that any internet connection or Wi-Fi network, is susceptible to malware and cyber attacks. Most native applications like Windows 10 come with a pre-installed firewall utility that can be disabled by default.
Firewall vs anti-virus: What’s the difference?
Anti-virus software is a reactive security measure designed to scan and remove malicious software already inside your network. On the other hand, a firewall is a preventative measure that monitors and filters all traffic to your network to prevent unauthorised suspicious users, malware, and other cyber threats from entering your network in the first place.
A final word
Ultimately, the type of firewall(s) you need for yourself or your business will depend on your individual needs and/or the size of your organisation and its security needs around data protection. Either way, a firewall is an essential part of a multi-layered cyber security strategy. For advice or information on the best firewall solutions, contact us via email: [email protected]
Posted in: Security