What is a Firewall?

What is the Definition of a Firewall?

A firewall is a type of security system that acts as a filter for incoming and outgoing traffic to your computer’s network. A firewall ensures that you have a safe connection when connecting to the internet, keeping out hackers and malware.

Nearly every router, Windows PC, and Mac have firewalls installed on them. Most businesses will include additional firewalls on employees’ computers, as well as on their internal networks. These additional steps are frequently taken to protect proprietary information and keep the company safe from ransomware and hacking. A firewall can block outsiders from breaking into your computer or network and gaining access to private data. It can also block viruses and malware from infecting your computer by setting policies that help to defend your network by detecting invasive or suspicious activity.

Microsoft Defender

Stay safer online with one easy-to-use app<sup>1

1</sup>Microsoft 365 Personal or Family subscription required; app available as separate download

Learn More

How Does a Firewall Work?

A firewall acts like a security guard outside a party with a list. Only instead of approved guests, the firewall allows in approved data, like a webpage or an email. It filters the data as it enters your network and analyzes it for information about where it came from, where it’s trying to go, and its content. If the firewall determines that the data is harmful, it isn’t allowed in.

Each firewall has its own set of rules about which data is and isn’t allowed into a network. These rules are determined by the user and can change based on how the user defines dangerous activity. If you’ve had to allow an exception when trying to access a website, you’re changing the rules of a firewall. Otherwise, the only allowed connections are those that a firewall has been configured to accept. These connections send information over in units of communication called packets, that can be allowed or blocked based on the firewall.

Acceptable data can come from trusted sources, or IP addresses. These addresses can help to identify a source or computer as being trustworthy or dangerous. However, if a trusted IP is compromised and is attempting to infect your network with malware, the firewall will act as a line of defense.

What are the Different Types of Firewalls?

When you connect to the internet, a data breach can happen at any time. A firewall works to prevent these breaches from negatively affecting a user and can come in all kinds of shapes and sizes to accommodate various needs. There are two main types of firewall: hardware and software. A hardware firewall is a physical barrier, like a router, that exists between your internet network and your computer gateway. A software firewall is a type of program on your computer that works with ports and applications.

A third type is based in the cloud and is known as Firewall as a Service (FaaS). These are typically used for larger organizations. They can be easily scaled based and provide excellent perimeter security, like that of a hardware firewall.

When considering software firewalls, there are a number of options that exist with different functions and structures. Choose the type that works the best for you, based on the size of your network and how much security you need. If you’re online at home, your browser has at least one firewall in place already. If you’re online at work, you might be protected by three or more different firewalls, all designed to protect the company’s data.

Packet-Filtering Firewalls

This is the oldest type of firewall. It works by filtering traffic by packets, which are small bits of data that make up web traffic. Think of packets like a jigsaw puzzle that come together to create a webpage. But to give your computer a leg up, each packet has a header full of information about how each packet fits with the others. This type of firewall looks at the header’s IP address to determine if the packet is harmful or not.

Next Generation Firewalls (NGFW)

These firewalls look deeper than a packet’s header information. They’re able to determine if a connection is dangerous based on what’s information is within the packets and what programs are meant to receive that information. An example would be malware disguised as a pirated video game.

NGFWs typically boast integrated intrusion protection and can see and block risky apps that may contain threats. They also are more adept at addressing evolving security threats than packet-filtering firewalls, which becomes useful as hackers and malware become more sophisticated.

Proxy Firewalls

This type of firewall acts as a middleman between your computer and an outside web server. It can help to protect the security of your network by filtering out harmful messages and preventing direct connections from outside the network. Before a connection is made through a proxy firewall, the outside server must send a request, which is then evaluated against a set of security rules. Requests that don’t measure up are blocked.

Network Address Translation (NAT) Firewalls

A NAT firewall can help protect users and their devices from cybercrime by hiding their individual IP addresses and allowing them to connect to the internet through a single IP address. When hackers scan a network for vulnerable IP addresses, those who are connected to the internet through a NAT firewall will have their private information hidden. This type of firewall is like a proxy firewall in that is acts as an intermediary between outside traffic and a network. It only accepts inbound traffic if a device on your network specifically requested it.

Stateful Multilayer Inspection (SMLI) Firewalls

This thorough firewall reads packets as they arrive, and compares them against known, trusted packets before allowing them to pass. They are currently thought of as “traditional” firewalls and monitor all activity between an outside connection and a network. These intelligent firewalls make filtering decisions based on rules defined by an administrator and on context clues gleaned from previous connections and packets.

Do I Need a Firewall?

Simply put: yes. There are always new cybersecurity threats which can affect large companies and individuals at home. Hackers are becoming more sophisticated as they work to access your private data and use it for their own gain. A firewall can help you from being targeted by cybercriminals or keep your personal information safe.

There’s no such thing as “too much” when it comes to internet safety whether it’s for you, your family, or your business. While you’re keeping your family safe, read up on ways to protect your children’s identity online or invest in phone monitoring apps to keep a digital eye on your kids to keep them safe from predators and hackers.