What is a firewall and do you need one?
March 20, 2020
A firewall is a security device — computer hardware or software — that can help protect your network by filtering traffic and blocking outsiders from gaining unauthorized access to the private data on your computer.
Not only does a firewall block unwanted traffic, it can also help block malicious software from infecting your computer.
Firewalls can provide different levels of protection. They key is determining how much protection you need.
This article can help you learn what firewalls do and determine the level of protection that will help keep your computer and the data on it safe and secure.
Firewalls are part of your network security
Firewalls represent a first line of defense in home network security.
Your home network is only as secure as its least protected device. That’s where a network security system comes in.
A firewall shouldn’t be your only consideration for securing your home network. It’s important to make sure all of your internet-enabled devices — including mobile devices — have the latest operating system, web browsers, and security software.
Another consideration? Securing your wireless router. This might include changing the name of your router from the default ID and password it came with from the manufacturer, reviewing your security options, and setting up a guest network for visitors to your home.
What does a firewall do?
A firewall acts as a gatekeeper. It monitors attempts to gain access to your operating system and blocks unwanted traffic or unrecognized sources.
A firewall acts as a barrier or filter between your computer and another network such as the internet. You could think of a firewall as a traffic controller. It helps to protect your network and information by managing your network traffic, blocking unsolicited incoming network traffic, and validating access by assessing network traffic for anything malicious like hackers and malware.
Your operating system and your security software usually come with a pre-installed firewall. It’s a good idea to make sure those features are turned on. Also, make sure your security settings are configured to run updates automatically.
How does a firewall work?
To start, a firewalled system analyzes network traffic based on rules. A firewall only welcomes those incoming connections that it has been configured to accept. It does this by allowing or blocking specific data packets — units of communication you send over digital networks — based on pre-established security rules.
A firewall works like a traffic guard at your computer’s entry point, or port. Only trusted sources, or IP addresses, are allowed in. IP addresses are important because they identify a computer or source, just like your postal address identifies where you live.
Types of firewalls
There are software and hardware firewalls. Each format serves a different but important purpose. A hardware firewall is physical, like a broadband router — stored between your network and gateway. A software firewall is internal — a program on your computer that works through port numbers and applications.
There also are cloud-based firewalls, known as Firewall as a Service (FaaS). One benefit of cloud-based firewalls is that they can grow with your organization and, similar to hardware firewalls, do well with perimeter security.
There are several different types of firewalls based on their structure and functionality. Here are the different firewalls you can implement, depending on the size of your network and the level of security you need.
A packet-filtering firewall is a management program that can block network traffic IP protocol, an IP address, and a port number. This type of firewall is the most basic form of protection and is meant for smaller networks.
While packet-filtering firewalls can be helpful, they also have limitations. Because all web traffic is allowed, it doesn’t block web-based attacks. So, you need additional protection to distinguish between friendly and malicious web traffic.
Stateful multi-layer inspection (SMLI) firewalls
The stateful multi-layer inspection firewall has standard firewall capabilities and keeps track of established connections. It filters traffic based on state, port, and protocol, along with administrator-defined rules and context. This involves using data from prior connections and packets from the same connection.
Most firewalls rely on stateful packet inspection to keep track of all internal traffic. This firewall is a step above packet-filtering in its use of multi-layer monitoring.
However, it is still unable to distinguish between good and bad web traffic, so you may need additional software.
Next-generation firewalls (NGFW)
Next-generation firewalls are more sophisticated than packet-filtering and stateful inspection firewalls. Why? They have more levels of security, going beyond standard packet-filtering to inspect a packet in its entirety. That means not just the packet header, but also a packet’s contents and source. NGFW are able to block more sophisticated and evolving security threats like advanced malware.
Network address translation (NAT) firewalls
A NAT firewall is able to assess internet traffic and block unsolicited communications. In other words, it only accepts inbound web traffic if a device on your private network solicited it.
Host-based firewalls versus network-based firewalls
There are differences between host-based and network-based firewalls, along with benefits of having both in place.
Network firewalls filter traffic going to and from the internet to secured local area networks (LAN). They typically are used by businesses that need to protect a large network of computers, servers, and employees. A network-based firewall is able to monitor communications between a company’s computers and outside sources, as well as restrict certain websites, IP addresses, or other services.
Host-based firewalls work similarly but are stored locally on a single computer or device. A host-based firewall is a software application or a suite of applications that allows for more customization. They are installed on each server, control incoming and outgoing traffic, decide whether to allow traffic to individual devices, and protect the host.
What are some of the main risks of not having a firewall?
You might already engage in certain safe computer and internet use practices, including these:
- You don’t click on unknown links or attachments.
- You only log on to trustworthy, known websites.
- You never give out any personal information unless it is absolutely necessary.
- You have strong, unique, complex passwords for each online account that you update often.
Does that make you safe enough? The answer may be “no.” If you use the internet, it’s smart to have a firewall in place. Cyberthreats are widespread and evolving. It’s important to use available defenses to help protect your network, and the personal information stored on your computer, against cybercrimes.
Here are the three main risks of not having a firewall:
Without a firewall, you’re accepting every connection into your network from anyone. You wouldn’t have any way to detect incoming threats. That could leave your devices vulnerable to malicious users.
Lost or compromised data
Not having a firewall could leave your devices exposed, which could allow someone to gain control over your computer or network. Cybercriminals could delete your data. Or they could use it to commit identity theft or financial fraud.
Without a firewall, attackers could shut down your network. Getting it running again, and attempting to recover your stored data, could involve your time and money.
Firewalls are a key part of security technology, especially when the different types of firewalls work together to provide an umbrella of protection. Firewalls can help keep your network, computer, and data safe and secure.
Try Norton 360 FREE 30-Day Trial* - Includes Norton Secure VPN
30 days of FREE* comprehensive antivirus, device security and online privacy with Norton Secure VPN.
Join today. Cancel anytime.
Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.
Copyright © 2021 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.
No one can prevent all identity theft or cybercrime. Not all products, services and features are available on all devices or operating systems. System requirement information on norton.com.
*Important Subscription, Pricing and Offer Details:
- The price quoted today may include an introductory offer. After that, your membership will automatically renew and be billed at the applicable monthly or annual renewal price found here.
- You can cancel your subscription at my.norton.com or by contacting Member Services & Support. For more details, please visit the Refund Policy.
- Your subscription may include product, service and /or protection updates and features may be added, modified or removed subject to the acceptance of the Customer Agreement.
The number of supported devices allowed under your plan are primarily for personal or household use only. Not for commercial use. If you have issues adding a device, please contact Member Services & Support.
§ Dark Web Monitoring in Norton 360 plans defaults to monitor your email address only. Please login to the portal to review if you can add additional information for monitoring purposes.