What is a Firewall?
A firewall is a security system that helps protect your computer, network or website from hackers and other unauthorized users. A firewall can be hardware, software, or a combination of both.
Most, if not all internet-connected devices have some sort of basic firewall features built in to provide a straightforward level of protection.
Companies such as Sophos, CheckPoint and Fortinet build and sell next-generation-firewall products that provide far more than basic firewall features that are standard on consumer-grade internet routers from your internet services provider.
A firewall is often installed between a private network and the Internet and most times replace the existing router. Firewalls are designed to protect computers connected to the network from attacks originating outside the network as well as limit the ability of infected computers from connecting out to the internet.
Firewall rules are a basic set of permissions configured to block or allow data traffic from either getting out of the network or coming into the network. Firewalls may be categorized based on their purpose and how they operate.
Advanced firewalls, known more commonly as next-generation-firewalls have extended features for higher levels of security. Features that are commonly found on next-generation-firewalls include:
- Intrusion Prevention Systems (IPS)
- Intrusion Detection Systems (IDS)
- Deep Packet Inspection (DPI)
- Advanced Web Protection
- HTTP/HTTPS Scanning of data
- Bandwidth management
- Website category blocking – Such as social media blocking
- Antivirus database engines to scan data traffic
- VPN Server
With the following features on a firewall, it is always worth remembering that a firewall is only as good as the setup. If a Firewall has been configured to bypass protection mechanisms, it cannot provide protection for those features.
As a rule of thumb when setting up any security device such as a firewall, always deny everything and allow by exception for higher levels of protection.