What is a firewall? Firewalls explained and why you need one
What is a firewall?
A firewall is a security device that can help protect your internet network by filtering unknown traffic and blocking outsiders from gaining access to your private data.
We’ve all heard about the dangers of clicking on unknown links or pop-up ads while browsing the internet, but is that really enough to keep your devices and network secure? A firewall should be your first line of defense to protect your network and data.
Firewalls help filter and block potential hackers from accessing your sensitive data, and there are many types of firewalls that use different strategies to keep your information safe. Read on to learn everything you need to know about firewalls and why they’re so important.
Firewall defined
A firewall is a security device that can help protect your internet network by filtering unknown traffic and blocking outsiders from gaining access to your private data. Firewalls can provide protection through computer hardware or software
Firewalls protect your computer from malicious software as well, which can create all sorts of security issues.
Firewalls can provide different levels of protection. The key is determining how much protection you need.
Keep reading to learn more about what firewalls do and determine the level of protection that will help keep your computer and the data on it safe from hackers and cybercriminals.
What does a firewall do?
A firewall acts as a filter that monitors access between your operating system and unwanted traffic or outside sources. In short, firewalls help protect you from hackers or malware that may try to steal your personal information.
How does it do this? A firewall acts as a gatekeeper between your computer and another network (typically the internet).
You can think of a firewall as a traffic controller. It helps protect your network and information by managing your network traffic. This includes blocking unsolicited incoming network traffic and validating access by assessing network traffic for anything malicious.
Many devices come with some sort of built-in firewall protection. Double-check to make sure you’re getting the most of your computer’s pre-installed firewall. You might also want to configure your security settings to run software updates automatically so you always have the most up-to-date protection.
What about VPNs and NATs?
You might have heard about some other popular security measures like virtual private networks (VPNs) and network address translations (NATs).
- VPN: disguises your device’s IP address when using public networks
- NAT: creates a secure and public IP address for all devices on the same network
So how do these tools differ? Let’s talk through some examples.
You might use a VPN on your laptop when you’re working at a coffee shop to protect your data from any sneaky hackers who might also be on that coffee shop's Wi-Fi.
You might use a NAT, on the other hand, on your home Wi-Fi to provide protection for your family and guests who use your internet connection. These tools are different from firewalls because they disguise your IP address and ensure a safe connection, but don’t protect you from malware.
How does a firewall work?
A firewall works at your computer’s entry point, or port. Only trusted sources, or IP addresses, are allowed in. IP addresses are important because they identify a computer or source.
Along with screening IP addresses, firewalls have other advanced internal rules they follow to determine whether or not a trusted source is trying to access your computer.
Types of firewalls
There are software and hardware firewalls. Each format serves a different but important purpose.
A hardware firewall is physical, like a broadband router—it connects the network and gateway through hardware like wires. A software firewall is internal—a program on your computer that works through port numbers and applications.
There also are cloud-based firewalls, known as firewall as a service (FaaS). One benefit of cloud-based firewalls is that they can grow with your organization and, similar to hardware firewalls, do well with perimeter security (preventing unauthorized users from accessing a network).
There are several different types of firewalls based on their structure and functionality. Here are the various firewalls you can implement, depending on the size of your network and the level of security you need.
Type of Firewall | Purpose |
Packet-filtering firewall | Basic firewall for small networks |
Proxy service firewall | Filters communication between your network and outside networks |
Stateful multi-layer inspection firewall | Administrators can add extra filters and keeps a database of vetted connections |
Unified threat management firewall | Similar to SMLI firewalls with antivirus and intrusion prevention |
Next-generation firewall | Advanced firewall capabilities that extensively inspect potential threats |
Network address translation firewall | Blocks any unsolicited attempts to access your network |
Virtual firewall | Basic firewall that operates over the cloud |
Packet-filtering firewalls
Most common type: Software
Function: Basic firewall for small networks
A packet-filtering firewall is a management program that can block network traffic IP protocol, an IP address, and a port number. This type of firewall is the most basic form of protection and is meant for smaller networks.
But beware: While packet-filtering firewalls can be helpful, they also have limitations. Because all web traffic is allowed, a packet-filtering firewall doesn’t block web-based attacks, so you'll need additional protection to distinguish between friendly and malicious web traffic.
Proxy service firewalls
Most common type: Software
Function: Filters communication between your network and outside networks
The proxy service firewall is a system that can help protect your network security by filtering messages at the application layer. It essentially serves as a gateway or middle man between your internal network and outside servers on the web. Also known as a gateway firewall, it is more secure in its use of stateful and deep-packet inspection technology to analyze incoming traffic.
Stateful multi-layer inspection (SMLI) firewalls
Most common type: Hardware
Function: Administrators can add extra filters and keeps a database of vetted connections
The stateful multi-layer inspection firewall has standard firewall capabilities and keeps track of established connections. It works like multiple firewalls to filter traffic based on the data it gathers, along with administrator-defined rules and context. This involves using data from prior connections and packets from the same connection.
Most firewalls rely on stateful packet inspection to keep track of all internal traffic. This firewall is a step above packet filtering in its use of multi-layer monitoring.
Unified threat management (UTM) firewalls
Most common type: Software
Function: Similar to SMLI firewalls with antivirus and intrusion prevention
A unified threat management firewall is a program that combines the functions of the SMLI firewall with intrusion prevention and antivirus. Additional services like cloud management may be included under the UTM umbrella of services.
Next-generation firewalls (NGFW)
Most common type: Software
Function: Advanced firewall capabilities that extensively inspect potential threats
Next-generation firewalls are more sophisticated than packet-filtering and stateful inspection firewalls. Why? They have more levels of security, going beyond standard packet filtering to inspect a packet in its entirety. That means inspecting not just the packet header, but also a packet’s contents and source. NGFW are able to block more sophisticated and evolving security threats like advanced malware.
Network address translation (NAT) firewalls
Most common type: Software
Function: Blocks any unsolicited attempts to access your network
A NAT firewall is able to assess internet traffic and block unsolicited communications. In other words, it only accepts inbound web traffic if a device on your private network solicited it.
Virtual firewalls
Most common type: Cloud-based software
Function: Basic firewall that operates over the cloud
A virtual firewall is an appliance used in a cloud-based system, both private and public. This type of firewall can assess and manage internet traffic over both physical and virtual networks.
Host-based firewalls versus network-based firewalls
There are differences between host-based and network-based firewalls, along with benefits of having both in place.
- Network firewalls: filter traffic going between the internet and secured local area networks (LAN)
- Host-based firewalls: work similarly to network firewalls but are stored locally on a single computer or device
Network firewalls are typically used by businesses that need to protect a large network of computers, servers, and employees. A network-based firewall is able to monitor communications between a company’s computers and outside sources, as well as restrict certain websites, IP addresses, or other services.
A host-based firewall is a software application or a suite of applications that allows for more customization. They are installed on each server, control incoming and outgoing traffic, decide whether to allow traffic to individual devices, and protect the host.
Firewall history
Firewalls have certainly evolved over the years and have become more advanced since the technology first entered the scene. Getting their start as a basic packet-filtering system in the late 1980s, firewalls monitored packets sent between computers. They now offer more advanced protection and technology, as highlighted in this timeline.
- In the late 1980s: First-generation firewalls developed as attacks on personal computers drove antivirus products.
- In the mid-1990s: Internet attacks on networks led to the advent of the second-generation firewall; the first stateful inspection firewall was introduced in 1993.
- In the early 2000s: Third-generation firewalls addressed vulnerability exploits at the application layer, leading to intrusion prevention system (IPS) products.
- In 2010: Increases in targeted attacks instigated anti-bot and sandboxing products.
- In 2017: Larger-scale attacks drove even more advanced protection.
Do you need a firewall at home?
Your home network is only as secure as its least protected device. That’s where a network security system comes in.
Firewalls represent a first line of defense in home network security—but a firewall shouldn’t be your only consideration for securing your home network. It’s important to make sure all of your internet-enabled devices—including mobile devices—have the latest operating system, web browsers, and security software.
You might not realize it, but keeping your default Wi-Fi settings isn’t always a great idea. So what can you do to help secure your router?
- Change the default name of your router
- Change the default password
- Research your default security options
- Set up a guest network for visitors
Why do we need firewalls?
It’s important to use available defenses to help protect your network and the personal information stored on your computer against cybercrimes.
You might already engage in certain safe computer and internet use practices, but here are some top ways to browse safely:
- Don’t click on unknown links or attachments.
- Only visit trustworthy, known websites.
- Never give out any personal information unless it is absolutely necessary.
- Create strong, unique, complex passwords for each online account that you update often.
Does all of this make you safe enough? The answer may be no. If you use the internet, it’s smart to have a firewall in place. Cyberthreats are widespread and always evolving.
Here are the three main risks of not having a firewall.
Open access
Without a firewall, you’re accepting every attempted connection into your network. You wouldn’t have any way to detect incoming threats, which could leave your devices vulnerable to malicious users without you ever knowing.
Lost or compromised data
Not having a firewall means your devices are virtually unprotected, which could allow someone to gain control over your computer or network. This can range from a hacker operating your computer from afar to downloading your entire system to sift through your data. Cybercriminals could delete your data or use it to commit identity theft and financial fraud.
Network crashes
Without a firewall, attackers could shut down your network. Getting it running again and attempting to recover your stored data can drain significant time and money.
Firewalls are a key part of security technology, especially when the different types of firewalls work together to provide an umbrella of protection. They help keep your network, computer, and data safe and secure.
FAQ about firewalls
Looking for some more information about firewalls? Keep reading for our answers to your burning questions.
What is a firewall?
A firewall is a security device available as computer hardware or software. It can help protect your network by acting as an intermediary between your internal network and outside traffic. It monitors attempts to gain access to your operating system and blocks unwanted incoming traffic and unrecognized sources.
How do firewalls work?
A firewall acts as a barrier or gatekeeper between your computer and another network like the internet. It works like a traffic controller, monitoring and filtering traffic that wants to gain access to your operating system.
What does a firewall protect against?
A firewall protects you from unsolicited and unwanted incoming network traffic. It validates access by assessing this incoming traffic for anything malicious like hackers and malware that could infect your computer.
What are the types of firewalls?
There are two main ways you can obtain a firewall—through software or hardware. A hardware firewall is a physical device, connected between your network and gateway. A software firewall is an internal program on your computer that works through port numbers and applications.
Beyond that, there are several different types based on their structure and functionality, such as:
- Packet-filtering firewalls
- Proxy service firewalls
- SMLI firewalls
- UTM firewalls
- Next-generation firewalls
- NAT firewalls
- Virtual firewalls
Do you need a firewall?
If you use the internet, it’s smart to have a firewall in place. They provide a first line of defense to help protect your computer and your personal information from cyberthreats, which are widespread and evolving.
Can a firewall be hacked?
Any device connected to the internet has the ability to be hacked, no matter how hard you work to keep it secure. To reduce your chances of being hacked, make sure your device and firewall are always running on the latest software.
A firewall shouldn’t be your only consideration for securing your home network, though. It’s important to make sure all of your internet-enabled devices have the latest operating system, web browsers, and security software.
Do firewalls prevent viruses?
Firewalls don’t protect against viruses on their own. They manage access to your network, whereas antivirus software serves as cyber protection from malicious viruses. However, some software firewalls include virus protection.
What is the difference between hardware firewalls and software firewalls?
A hardware firewall is physical, like a broadband router, connected between your network and gateway. A software firewall is internal—a program on your computer that works through port numbers and applications.
Do you need a firewall at home?
Yes, your home needs a firewall. Without a firewall, you could leave yourself open to accepting every connection to your home network without a way to detect incoming threats.
This open access could leave your devices and personal information exposed and vulnerable to being accessed and used for malicious purposes. Those intruders could engage in malicious activities like gaining control over your computer or network, deleting your data, or using your personal information to commit identity theft and other online frauds.
How do I check my firewall?
The steps to check your firewall will vary based on the type of firewall you use. Typically, you can check a software firewall by opening the software settings. For hardware firewalls, you might need to conduct a file sharing, common ports, or all ports and services test to determine if it’s working properly.
Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc.
Want more?
Follow us for all the latest news, tips and updates.