What Is a Firewall and Why Do You Need One?
A firewall is a digital security system that checks all incoming and outgoing traffic on a network according to a defined set of rules. A firewall keeps out unauthorized traffic and lets in only communications that are deemed safe, using a set of security rules that you or your network administrator set up.
Software firewalls come installed on every Mac and Windows computer. They can be installed as standalone software or bundled with other cybersecurity programs. Hardware firewalls are more specific to larger network devices, such as internet routers.
To protect company communications, businesses typically use a software firewall on all employee computers along with larger hardware firewalls to protect the entire network. That means that every data request has to go through at least two firewalls.
Mục Lục
What is a network firewall?
A network firewall is a security device that monitors all incoming and outgoing traffic on a private network. Network firewalls work like device-specific firewalls, but they protect an entire network by blocking unauthorized access, which protects all the devices connected to that network.
Network firewalls are controlled by specific network administrators who are responsible for defining the firewall rules. Firewall network security is also the authorization method used in many remote access scenarios, such as remote working environments.
History of firewalls
The first iteration of firewall technology was created in the late 1980s as the internet’s popularity and use grew. Early firewalls were developed with simple packet-filtering technology, which was the first technology to monitor external connections before allowing them to connect with network devices. That technology set the basis for future firewall evolutions.
In the late 80s and early 90s, the next generation of firewall technology was developed. This time, firewalls were able to monitor traffic connections continuously. Over the next several years, the precursor to modern proxy firewall technology was developed. That was followed by the development of a user-friendly interface, which helped firewall technology become a basic cybersecurity tool for businesses and homes worldwide.
Since these first iterations, the development and definition of firewalls have continued to evolve, and the history of firewall technology is still being written.
What does a firewall do?
A firewall filters data entering your network. It analyzes that data by checking the sender’s address, the application the data is meant for, and the contents of the data. By combining these defined data points, a firewall can tell what’s harmful and what isn’t. Then the firewall opens or closes the network gate accordingly.
The primary purpose of a firewall is to check if traffic or an incoming connection meets a predefined set of security standards, which is critical for internet security. A good firewall tool can help you adjust the firewall’s settings to your needs.
How does a firewall work?
A firewall works according to a list of predefined rules that determine whether traffic can enter or exit a network. These rules change based on what you tell an application to do and how you choose to define dangerous activity. Think of a firewall as a security guard who knows everything happening inside the building (network) they’re guarding, and who verifies the safety of anyone trying to get inside.
At some point, you’ve probably had to click a window that says “Allow exception” when connecting to a website or opening a program. Firewall permissions are always changing, and different firewalls work at different levels. Some firewalls check the address of the sender, while others check the contents of the transmission.
Firewalls filter incoming traffic to block threats to your computer or network.
If your favorite website has become host to dangerous activity, you’ll want security software that can spot the danger. Avast One features an ironclad firewall that scans for telltale signs of malicious activity, and we’re always updating our threat-detection engine to stay on top of the latest threats. Install Avast One today.
Different types of firewalls and examples
Connecting through the internet to different devices is a complicated operation. And unfortunately data breaches can happen at any point during this process — from the code that determines how a page is displayed on a PC or an iPhone, all the way down to the protocol that allows the connection between two machines or web servers.
Firewalls come in all shapes and sizes to protect these points of contact. Here are some firewall examples:
-
Packet-filtering firewalls
-
Next-generation firewalls (NGFW)
-
Proxy firewalls
-
Network address translation (NAT) firewalls
-
Stateful multilayer inspection (SMLI) firewalls
You’re almost certainly using one of these if you’re browsing at home. If you’re connecting from a company network, every data request could be moving through three or more firewalls. No effort is too much when it comes to server security.
Let’s look at each of these firewall types in greater depth.
Packet-filtering firewalls
The oldest type of firewall, packet-filtering firewalls filter traffic by packets, which are smaller bits of data making up the traffic you receive. Every packet has header information that helps your computer put the file back together like a puzzle. Packet filtering works by looking at this header.
Packet-filtering firewalls analyze information in data packets to determine their safety.
The address the packet came from and the connection protocol are two crucial bits of information in the header. Is the IP address from Facebook or a blacklisted host? Is the protocol standard TCP? Packet-filtering firewalls look at this essential information.
Packet-filtering firewalls come in two categories: stateful and stateless. The former analyzes packets within the context of a network connection, while the latter examines them in isolation as separate packets.
Next-generation firewalls (NGFW)
Next-generation firewalls go deeper than reading just the header information of a message. NGFWs can tell when a connection is dangerous based on the contents of a packet and the program designated to receive it, such as your browser or an online video game.
Proxy firewalls
Proxy firewalls act as intermediaries between two servers connecting to each other. Proxy servers and reverse proxy servers are intermediaries between two other devices online, such as your computer and a web server. When setting up a proxy, you’ll define what types of data to relay (and block) between the two connected devices.
Traditional firewalls work at the TCP level, while proxy firewalls work at the application level, such as on HTTP. We use HTTP to browse the internet, and this type of firewall looks after traffic on this level. Most sites now use HTTPS, which simply adds encryption to HTTP for another line of defense.
Network address translation (NAT) firewalls
Network address translation, or NAT, happens because there aren’t enough IP addresses under our current system of IPv4, which is slowly being replaced by IPv6. Many households and companies use just one IP address, and the NAT process redirects data to a specific device sharing that IP address.
Though unwieldy, NAT has some security benefits. A firewall placed at the router level can stop malicious activity before the data is sent to your private IP address — the address that differentiates your device from everyone else sharing the public IP address. You can think of this as a home network firewall.
Router firewalls help make our private and public IP addresses manageable and safe to use.
Stateful multilayer inspection (SMLI) firewalls
Stateful multilayer inspection firewalls use holistic data inspection to detect threats. Stateful inspection means a packet is analyzed within the context of every other packet transmitted over the network. Without this type of inspection, packets are examined only in isolation from one another.
Standard internet communications use a seven-layered model called Open System Interconnection (OSI), and multilayer inspection examines a packet at every layer. That makes SMLI firewalls highly advanced and very secure, though they can slow down your traffic a bit.
Why do I need a firewall?
You need a firewall because there are always new cybersecurity threats, which can impact both large companies and individuals. For every improved step in cybersecurity, cybercriminals take ten. And while you can always try to assess a website’s safety, a firewall casts a much wider security net.
Here’s how a firewall can protect you:
Monitoring traffic
A firewall works constantly to monitor your traffic based on specifically defined rules. Without a firewall acting as a security guard for your traffic, your network, devices, and personal data are exposed.
Stopping online attacks
While IT technicians work to secure data in a company’s network and maintain a firewall’s network security, pirates armed with malware, trojans, and other threats seek to obtain that data and sell it for a hefty sum. Without a firewall, it’s easier for malware to slip through the cracks in the network.
Preventing hacks and data loss
IT technicians and antivirus software developers work around the clock to keep hackers from gaining access to private data. Without a firewall, your devices — and your data — are left exposed. If cybercriminals get access, it can lead to leaked confidential data, fraud, or even identity theft.
Do I need a firewall at home?
Yes. Just like at work, using a firewall at home is essential for filtering out unwanted and malicious traffic on your network. Without the safeguard of a firewall, the devices in your home can be hacked more easily, malicious disruptions of your network can occur, and your family’s data is left exposed and unprotected.
For home computers running Windows, the built-in firewall is a helpful bonus. But, Windows defender isn’t always enough when it comes to detecting new and emerging malware threats.
Firewall security tips
To get maximum firewall security, bolster its protective features with these tips:
-
Always keep your firewall on.
Turning off your firewall to access a specific network or device can leave your entire device vulnerable. If you need to access another device or network, update your firewall rules and add the desired device to your allow list instead. -
Update your OS or firewall software.
If you rely on a firewall built into your OS or device, keep it up to date. Outdated firewall software or operating systems can leave your device vulnerable to exploits and security breaches. -
Use a VPN alongside a firewall.
A VPN adds an extra layer of internet security to your firewall by protecting all of your device’s traffic in a secure, encrypted tunnel. Though rare, firewalls and VPNs can counteract each other, so some customizations to your firewall’s packet or application rules may be necessary. -
Don’t allow unknown requests.
If your defined firewall rules don’t cover a suspicious request you receive, you’ll likely be asked to allow or deny the connection. Always deny suspicious or unknown requests that aim to bypass your firewall’s security. Later, you can investigate the blocked attempt and update your firewall’s rules if necessary. -
Install extra security software.
While firewalls do a great job of protecting your device from malicious traffic, they do not protect you against malicious programs you might unwittingly install. For more comprehensive security against malware and other treats, install a trusted malware scanner tool.
Get powerful firewall protection with Avast
Keep your information and data truly private with strong security software. Along with an advanced, built-in firewall, Avast One also features robust malware protection, anti-phishing safeguards, and smart analytics that defend against the latest threats and identify new dangers. Install Avast One today.