A firewall is a network security device designed to prevent unauthorized access to or from a private network. It monitors incoming and outgoing traffic and permits or blocks data packets based on a set of security rules. A firewall is used to create a barrier between an internal network and incoming traffic from external sources to block malicious traffic such as viruses and hackers.
In addition to limiting access to your computer and network, a firewall is also useful for allowing remote access to a private network through secure authentication certificates and logins.
Hardware vs. software firewalls
A hardware firewall protects your entire network from the external environment with a single physical device. While a stand-alone product can be purchased, most hardware firewall devices are installed between the computer network and the internet. This device monitors packets of data as they are transmitted and then blocks or transfers the data according to predefined rules. Hardware firewalls require advanced IT knowledge to install and dedicated management and monitoring afterwards. Because of this, hardware firewalls are typically used by larger businesses where security is a big concern.
A software firewall is installed on a user’s computer and protects that single device. This provides internal protection to a network. It’s customizable, allowing users some control over its function and protection features, such as being able to block access to certain websites on the network. Because software firewalls are easier to install, they are used by many home and small and medium-sized business (SMB) users.
A firewall can also be a component of a computer’s operating system (OS). For example, any Windows OS newer than XP includes Windows Firewall, a free software firewall. It notifies users of any suspicious activity and detects and blocks viruses, worms, and hackers.
Types of firewalls
There are several types of firewall techniques that will prevent potentially harmful information from getting through:
- Packet Filtering: Looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
- Proxy: Serves as the gateway from one network to another for a specific application. Proxy servers can provide additional functionality by preventing direct connections from outside the network.
- Next-generation (NGFW): Combines traditional firewall technology with additional functionality, such as deep packet inspection, which examines the data within the packet itself to identify and stop packets with malicious data.
- Network address translation (NAT): Allows multiple devices with independent network addresses to connect to the internet with a single IP address, allowing individual IP addresses to remain hidden. NAT firewalls are similar to proxy firewalls in that they act as an intermediary between a group of computers and outside traffic.
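The packet filtering entry above notes that rule-based filtering is susceptible to IP spoofing. The following added example (not part of the original page) shows a first-match packet filter with a default-deny policy, and how a rule that trusts a source address accepts a forged packet unless the filter also checks which interface the packet arrived on. The address ranges, interface names and rule set are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

INTERNAL_NET = ipaddress.ip_network("192.168.10.0/24")  # assumed private LAN range

@dataclass(frozen=True)
class Packet:
    iface: str   # interface the packet arrived on: "wan" or "lan" (assumed names)
    src: str
    dst: str
    proto: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str            # "accept" or "drop"
    src: str               # source CIDR
    dst: str               # destination CIDR
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # None matches any port

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and self.dport in (None, p.dport))

# Constructed rule set: LAN hosts are trusted; only HTTPS to one server is public.
RULES = [
    Rule("accept", "192.168.10.0/24", "0.0.0.0/0", "any", None),
    Rule("accept", "0.0.0.0/0", "192.168.10.5/32", "tcp", 443),
]

def filter_packet(p: Packet, rules=RULES, antispoof: bool = True) -> str:
    # Ingress check: a packet arriving on the WAN side cannot legitimately
    # carry an internal source address, so drop it before any rule is consulted.
    if antispoof and p.iface == "wan" and ipaddress.ip_address(p.src) in INTERNAL_NET:
        return "drop"
    for r in rules:              # first matching rule decides
        if r.matches(p):
            return r.action
    return "drop"                # default deny when nothing matches

# Constructed sample packets
SPOOFED = Packet("wan", "192.168.10.77", "192.168.10.20", "tcp", 22)
LAN_OUT = Packet("lan", "192.168.10.77", "198.51.100.7", "udp", 53)
WEB_IN = Packet("wan", "203.0.113.9", "192.168.10.5", "tcp", 443)
SSH_IN = Packet("wan", "203.0.113.9", "192.168.10.5", "tcp", 22)
```

With `antispoof=False` the forged packet is accepted by the first rule because only its source address is examined; with the ingress check enabled it is dropped while legitimate LAN and HTTPS traffic is unaffected.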