What is a Firewall?

A firewall is a piece of software that adds an extra layer of security to your computer. It is typically used with antimalware to prevent unauthorized users from gaining access to your systems. It lets you transmit information freely, but checks any incoming data using security rules you set up. Inbound traffic that does not conform to these rules is rejected. This reduces the amount of unwanted traffic and frees up more resources for legitimate data communication to take place.

You can compare a firewall to an electric fence that provides extra protection against thieves and other suspicious characters.

Other interesting terms…

• What is Network Security?
• What is a Rainbow Table Attack?

Read More about a “Firewall”

A firewall’s primary purpose is to create a barrier between an internal network and incoming traffic from external sources. That way, malicious traffic is blocked right away before it can harm connected computers. How does a firewall do this?

Firewall History

There are three generations of firewalls to date—first, second, and third.

First-generation firewalls, also known as “packet filter firewalls,” were introduced in 1988. Digital Equipment Corporation engineers developed them. Bill Cheswick and Steve Bellovin developed the first working first-generation firewall model. It inspected packets transferred from one computer to another on the Internet. If the packet meets the packet filter’s rules, it will be rejected, and its sender will receive an error message.

Second-generation firewalls were launched between 1989 and 1990. The first one was created by AT&T Bell Laboratories employees Dave Presetto, Janardan Sharma, and Kshitij Nigam. Known as “circuit-level firewalls,” these kept pace with advances made to computers and networking technology.

Finally, third-generation firewalls, which we use today, follow standards set by the Internet Engineering Task Force (IETF). Unlike their older counterparts, they are very user-friendly. Setting them up doesn’t require coding ability.

The term “firewall” was first applied to networking technology in the late 1980s.

How Firewalls Work

Firewalls use predetermined rules for analyzing incoming traffic. They filter traffic based on these rules. As such, they block unwanted, unknown, or suspicious incoming communication. The analysis occurs at a network’s main entrance and ports where exchanges with external devices happen.

To better understand the concept, you can think of a computer network as a house. The rooms in that house represent connected devices. The doors protected by a firewall serve as entry points. In this analogy, only the dwellers in that house can enter all rooms. And so, if the homeowners host a party, the firewall would keep guests out of the protected places.

Firewall Features

Firewalls today are generally expected to have the essential features below.

Easy to Manage

A vast majority of corporate networks are complex in that they have several components and support a ton of devices. And given the amount of confidential data they keep, they need protection from as many cyberthreats as possible. Today’s firewalls should make things simple for system and network administrators. They should be compatible with most, if not all, security solutions and allow monitoring and control from a single portal.

Can Prevent Threats

Firewalls were designed to protect one’s network. That has grown more important today, given the ever-growing threat landscape. They need to identify and block threats before they enter the network. Basic threat prevention features built into firewalls should include anti-phishing, anti-malware, anti-bot, and the ability to be fed with high-quality threat intelligence feeds.

Can Adjust to Varying Application Specifications and User Privileges

Every application has its own specifications and policies. Some may require their traffic to be prioritized, while others may need to be blocked on the network. Today’s firewalls should be able to identify which application needs what and adjust how they work accordingly.

Not all employees are also given the same level of privilege. Higher-ups (C-level executives and managers), for instance, can access more resources and files than rank-and-file workers. Firewalls should be able to control who gains access to what based on their roles and responsibilities or positions in the company.

Can Support Cloud Applications and Services

Almost all organizations now use cloud computing. And they don’t usually work with a single vendor. Your firewall should be able to tell what policies to enforce in which environment to implement the same level of security throughout the network, including external cloud apps and services. That’s especially true if the cloud service provider isn’t accountable for your data’s security.

Scalable

Cloud usage allows organizations to easily add and delete resources from their networks when the need arises. And their firewalls must be able to cope with these changes as well. Regardless of resource additions and deletions, all connections must remain protected against cyberthreats.

Types of Firewalls

Like many technologies, firewalls come in various kinds that meet varying user requirements. Here are some of them:

1. Next-Generation firewall (NGFW)

An NGFW uses traditional firewall technology with additional features such as intrusion prevention, encrypted traffic inspection, and antimalware, among others. It also uses deep packet inspection (DPI), which allows it to analyze the data within a packet, letting users determine, classify, and prevent packets containing malicious data from gaining access to the internal network.

2. Proxy firewall

A proxy firewall, meanwhile, carries out traffic filtering at the application level, which means that it protects software and their users from harmful communication. Since a proxy serves as an intermediary between two systems, one device needs to send requests to the other before these can be evaluated. In general, a proxy firewall monitors HyperText Transfer Protocol (HTTP) and File Transfer Protocol (FTP) traffic.

3. Network Address Translation (NAT) firewall

NAT firewalls permit multiple devices with different network addresses to access the Internet using only one IP address. That allows all users to mask their individual IP addresses. A NAT firewall makes it hard for hackers to scan for IP addresses to attack with or use for their nefarious activities.

4. Stateful Multilayer Inspection (SMLI) firewall

SMLI firewalls are responsible for filtering network packets at the application layer. They do so by comparing arriving packets with known ones. They are highly similar to NGFW firewalls since they also analyze entire packets and would only grant access to those that pass inspection.