What Is a Firewall?
What's a network address translation firewall?
A NAT works on your router to protect your network by only allowing inbound traffic to pass through if a device on your network requested it. It also masks your devices' private IP addresses with a single public address, preventing attackers from accessing specific details about your network. A NAT firewall is like a proxy firewall in that it acts as an intermediary between your internal network and the web.
What is a firewall?
A firewall is a network security device—hardware, software, or both—that monitors and manages incoming and outgoing network traffic. It protects your network by assessing and filtering data packets based on a set of security rules. As you browse the web, send emails, or stream movies, you request data from specific web servers. Your firewalls stand between your local network and the internet, sifting through your network's traffic, accepting the data you requested and blocking unwanted or unrecognized connections, like malware and cyber attacks, from accessing and compromising your device.
What is a hardware firewall?
A hardware firewall, or network firewall, on the other hand, is a physical appliance such as a broadband router, stored between your network and gateway. It filters traffic to and from the internet to a secured local area network (LAN), i.e. your local network, and imposes a network boundary, where inbound and outbound network traffic is inspected as it passes through.
What's a proxy firewall?
A proxy is someone authorized to act on behalf of another. Likewise, a proxy firewall—also known as an application firewall or gateway firewall—serves as a gateway from an outside network to an internal network on behalf of an application. Whereas a traditional firewall simply blocks access to unauthorized connections, a proxy firewall acts as an intermediary between your internal network and the web, and filters traffic at the application level. The downside is proxy firewalls limit the applications your network can support, and can affect its functionality and speed.
What is a software firewall?
A software firewall, also known as a host-based firewall, is a software application (or a suite of applications) that runs locally on devices in your network, controlling each device's incoming and outgoing traffic through port numbers and apps.
What is a cloud-based firewall?
Called Firewall as a Service (FaaS), cloud-based firewalls offer perimeter security like hardware firewalls. These can also be quickly scaled to suit an expanding network.
What's a stateful inspection firewall?
Considered traditional firewalls, stateful inspection firewalls—or stateful firewalls—analyze incoming traffic for potential risks while keeping track of active network connections. Connection data and other contextual data is stored and dynamically updated, then used to evaluate future connection attempts. In other words, filtering is based on established rules and contextual information from previous connections.
What should we do to protect ourselves in addition to firewalls?
Keep everything up to date. Be sure all of the internet-enabled devices on your network—including your mobile devices—are up to date with the latest OS, web browsers, and security software. Outdated software creates security vulnerabilities that are routinely patched with software updates. The latest version is the safest version. Never download and/or run software from a provider you don't trust. All of the protections provided by a firewall and other security software are easily moot by the simple act of downloading and running some malicious software from the internet. Secure your wireless router. Your router is the device that receives and sends data between the internet and the internet-enabled devices in your home. Replace the default manufacturer ID and password it came with, review your security settings, and set up a guest network for visitors.
What's a next generation firewall (NGFW)?
NGFWs offer more functionality than traditional firewalls, including encrypted traffic inspection, application-layer inspection, intrusion prevention systems (IPS), and most notably, deep packet inspection (DPI), allowing examination of a packet's contents and source, rather than just its header. Next generation firewalls can block sophisticated security threats, like advanced malware and application-layer attacks, making them the standard for most companies.
What's a packet-filtering firewall?
These are the most common and basic form of protection, and are meant for smaller networks. Packet-filtering firewalls analyze packets' source and destination IP addresses, preventing those that don't match their rule set from passing through, allowing those they trust to enter. But they offer only limited protection. For one, they can't block web-based attacks because they can't tell if the contents of a request endanger the destination application. You need additional protection to pick out malicious web traffic.
What's the purpose of a firewall?
To establish a barrier between your internal network and an external network, like the internet. It's a gatekeeper between your virtual domain and the outside world. Antivirus software, on the other hand, helps protect your devices, not your network, from malware and other threats.) Firewalls provide various levels of protection depending on your needs. Most security software and operating systems (OS) come with firewalls installed. Be sure yours are turned on and configure your security settings so that updates run automatically.
How does a firewall work?
To prevent attacks, a firewall analyzes traffic based on pre-established rules, and welcomes only incoming connections it's been configured to accept. This happens at your computer's entry points, known as ports, where information is exchanged with external devices. A device may have multiple ports, identified by port numbers. Typically, only sources with IP addresses known to your firewall may send traffic into your network. An IP address identifies a source in the same way your home address identifies where you live. Every device, including yours, has its own IP address which helps deliver content and information from the internet. No two IP addresses are exactly alike. Only allowed sources—that is, only external IP addresses explicitly allowed by the firewall—can interact with your device through its ports.
Why do we need firewalls?
Without firewalls you're vulnerable to: Unmitigated access to your network. There are public networks to which anyone can connect, like the internet, and there are private networks, to which access is restricted. A firewall helps keep yours private. You shouldn't accept every connection into your local network. With open access, you can't detect incoming threats, leaving your device and your personal data open to threats and malicious users—not worth the risk. Lost or compromised personal data. An open network is a welcome site for malware. Malware invades, damages, and disables computer systems, often by taking partial control of its operations. In most cases, cybercriminals use malware to extract personal data they can then leverage for money, including healthcare records, financial information, emails and passwords. Network crashes. Left unchecked, attackers and malware can take down your entire network. Getting it working again as well as recovering your data can be long and expensive—and will leave you wishing you'd taken the right precautions from the start.
