A firewall is a piece of software that adds an extra layer of security to your computer. It is typically used with antimalware to prevent unauthorized users from gaining access to your systems. It lets you transmit information freely, but checks any incoming data using security rules you set up. Inbound traffic that does not conform to these rules is rejected. This reduces the amount of unwanted traffic and frees up more resources for legitimate data communication to take place.
You can compare a firewall to an electric fence that provides extra protection against thieves and other suspicious characters.
Read More about a “Firewall”
A firewall’s primary purpose is to create a barrier between an internal network and incoming traffic from external sources. That way, malicious traffic is blocked right away before it can harm connected computers. How does a firewall do this?
How Firewalls Work
Firewalls use predetermined rules for analyzing incoming traffic. They filter traffic based on these rules. As such, they block unwanted, unknown, or suspicious incoming communication. The analysis occurs at a network’s main entrance and ports where exchanges with external devices happen.
To better understand the concept, you can think of a computer network as a house. The rooms in that house represent connected devices. The doors protected by a firewall serve as entry points. In this analogy, only the dwellers in that house can enter all rooms. And so, if the homeowners host a party, the firewall would keep guests out of the protected places.
Types of Firewalls
Like many technologies, firewalls come in various kinds that meet varying user requirements. Here are some of them:
1. Next-Generation firewall (NGFW)
An NGFW uses traditional firewall technology with additional features such as intrusion prevention, encrypted traffic inspection, and antimalware, among others. It also uses deep packet inspection (DPI), which allows it to analyze the data within a packet, letting users determine, classify, and prevent packets containing malicious data from gaining access to the internal network.
2. Proxy firewall
A proxy firewall, meanwhile, carries out traffic filtering at the application level, which means that it protects software and their users from harmful communication. Since a proxy serves as an intermediary between two systems, one device needs to send requests to the other before these can be evaluated. In general, a proxy firewall monitors HyperText Transfer Protocol (HTTP) and File Transfer Protocol (FTP) traffic.
3. Network Address Translation (NAT) firewall
NAT firewalls permit multiple devices with different network addresses to access the Internet using only one IP address. That allows all users to mask their individual IP addresses. A NAT firewall makes it hard for hackers to scan for IP addresses to attack with or use for their nefarious activities.
4. Stateful Multilayer Inspection (SMLI) firewall
SMLI firewalls are responsible for filtering network packets at the application layer. They do so by comparing arriving packets with known ones. They are highly similar to NGFW firewalls since they also analyze entire packets and would only grant access to those that pass inspection.