What is a firewall?

The Neeva Team on 11/19/21

If your home network were a castle, your firewalls would be its walls, surrounding your stronghold, keeping out your medieval enemies. Only select traffic could pass through your barrier’s gates, which open only when those requesting entry are familiar to your watchful gatekeepers.

A firewall’s purpose is to establish a barrier between your internal network and an external network, like the internet. It's a gatekeeper between your virtual domain and the outside world.

Like castle walls, firewalls are your network’s first line of defense. The next sections explain what a firewall is, how it works, and its various forms—all of which can help you determine the level of protection you need to keep your data and devices secure.

​​What is a firewall?

A firewall is a network security device—hardware, software, or both—that monitors and manages incoming and outgoing network traffic. It protects your network by assessing and filtering data packets based on a set of security rules.

As you browse the web, send emails, or stream movies, you request data from specific web servers. Your firewalls stand between your local network and the internet, sifting through your network’s traffic, accepting the data you requested and blocking unwanted or unrecognized connections, like malware and cyber attacks, from accessing and compromising your device.

A firewall’s purpose is to establish a barrier between your internal network and an external network, like the internet. It's a gatekeeper between your virtual domain and the outside world. Antivirus software, on the other hand, helps protect your devices, not your network, from malware and other threats.)

Firewalls provide various levels of protection depending on your needs. Most security software and operating systems (OS) come with firewalls installed. Be sure yours are turned on and configure your security settings so that updates run automatically.

How does a firewall work?

To prevent attacks, a firewall analyzes traffic based on pre-established rules, and welcomes only incoming connections it’s been configured to accept. This happens at your computer’s entry points, known as ports, where information is exchanged with external devices. A device may have multiple ports, identified by port numbers.

Typically, only sources with IP addresses known to your firewall may send traffic into your network. An IP address identifies a source in the same way your home address identifies where you live. Every device, including yours, has its own IP address which helps deliver content and information from the internet. No two IP addresses are exactly alike.

Only allowed sources—that is, only external IP addresses explicitly allowed by the firewall—can interact with your device through its ports.

The history of firewalls

Firewalls have been protecting networks for a quarter century, and have evolved to offer advanced protection.

  • 1980s. American tech companies Cisco Systems and the Digital Equipment Corporation developed the first firewall in the late 80s, as cyberattacks on networks and PCs were becoming a problem. These basic firewalls were packet-filtering systems, and worked at the network layer, involving routers, servers, and wireless networks. These firewalls allowed or denied packets based on their apparent source, destination, and connection type, but were easily foiled.
  • 1990s. In the early 90s, attacks on networks were upsetting business particularly. Application-layer firewalls emerged in response. These work at the software level, involving websites, databases, mobile apps, as well as client and server applications. While more complicated to set up and operate, application-layer firewalls performed more thorough inspections than earlier firewalls.
  • 21st century. By the early 2000s, most firewalls were hybrids of network-layer and application-layer firewalls. In 2010, evasive, targeted polymorphic attacks brought about anti-bot and sandboxing products. By 2017, large-scale, multi-vector attacks began driving advanced threat-prevention solutions, which are still being developed in response.

Types of firewalls

There are all kinds of firewalls, broken down in various ways. Different types of firewalls working in tandem provide an umbrella of protection.

First, a firewall can be deployed as software or as a hardware firewall. Each serves a different purpose:

  • A software firewall, also known as a host-based firewall, is a software application (or a suite of applications) that runs locally on devices in your network, controlling each device’s incoming and outgoing traffic through port numbers and apps.
  • A hardware firewall, or network firewall, on the other hand, is a physical appliance such as a broadband router, stored between your network and gateway. It filters traffic to and from the internet to a secured local area network (LAN), i.e. your local network, and imposes a network boundary, where inbound and outbound network traffic is inspected as it passes through.
  • There are now also cloud-based firewalls, called Firewall as a Service (FaaS), which offer perimeter security like hardware firewalls. These can also be quickly scaled to suit an expanding network.

There are then different types of firewalls based on structure and functionality, including but not limited to:

  • Packet-filtering firewalls. These are the most common and basic form of protection, and are meant for smaller networks. Packet-filtering firewalls analyse packets’ source and destination IP addresses, preventing those that don’t match their rule set from passing through, allowing those they trust to enter. But they offer only limited protection. For one, they can’t block web-based attacks because they can’t tell if the contents of a request endanger the destination application. You need additional protection to pick out malicious web traffic.
  • Proxy firewalls. A proxy is someone authorized to act on behalf of another. Likewise, a proxy firewall—also known as an application firewall or gateway firewall—serves as a gateway from an outside network to an internal network on behalf of an application. Whereas a traditional firewall simply blocks access to unauthorized connections, a proxy firewall acts as an intermediary between your internal network and the web, and filters traffic at the application level. The downside is proxy firewalls limit the applications your network can support, and can affect its functionality and speed.
  • Stateful inspection firewalls. Considered traditional firewalls, stateful inspection firewalls—or stateful firewalls—analyze incoming traffic for potential risks while keeping track of active network connections. Connection data and other contextual data is stored and dynamically updated, then used to evaluate future connection attempts. In other words, filtering is based on established rules and contextual information from previous connections.
  • Next generation firewalls (NGFW). NGFWs offer more functionality than traditional firewalls, including encrypted traffic inspection, application-layer inspection, intrusion prevention systems (IPS), and most notably, deep packet inspection (DPI), allowing examination of a packet’s contents and source, rather than just its header. Next generation firewalls can block sophisticated security threats, like advanced malware and application-layer attacks, making them the standard for most companies.
  • Network address translation firewalls. A NAT works on your router to protect your network by only allowing inbound traffic to pass through if a device on your network requested it. It also masks your devices’ private IP addresses with a single public address, preventing attackers from accessing specific details about your network. A NAT firewall is like a proxy firewall in that it acts as an intermediary between your internal network and the web.

Why do we need firewalls?

If you use the internet (which, to read this, you are) it’s best to have firewalls in place. They’re your network’s security system; your first line of defense against malware and cyber attacks, which are widespread and continuously evolving. Firewalls set up specific policies to determine what’s allowed in and out of your network, and what isn’t.

Without firewalls you're vulnerable to:

  • Unmitigated access to your network. There are public networks to which anyone can connect, like the internet, and there are private networks, to which access is restricted. A firewall helps keep yours private. You shouldn’t accept every connection into your local network. With open access, you can’t detect incoming threats, leaving your device and your personal data open to threats and malicious users—not worth the risk.
  • Lost or compromised personal data. An open network is a welcome site for malware. Malware invades, damages, and disables computer systems, often by taking partial control of its operations. In most cases, cybercriminals use malware to extract personal data they can then leverage for money, including healthcare records, financial information, emails and passwords.
  • Network crashes. Left unchecked, attackers and malware can take down your entire network. Getting it working again as well as recovering your data can be long and expensive—and will leave you wishing you’d taken the right precautions from the start.

Firewalls shouldn’t be your only line of defense against malware and other threats. Consider them as a layer of security, part of a comprehensive online security regimen. Additionally you should:

  • Keep everything up to date. Be sure all of the internet-enabled devices on your network—including your mobile devices—are up to date with the latest OS, web browsers, and security software. Outdated software creates security vulnerabilities that are routinely patched with software updates. The latest version is the safest version.
  • Never download and/or run software from a provider you don’t trust. All of the protections provided by a firewall and other security software are easily moot by the simple act of downloading and running some malicious software from the internet.
  • Secure your wireless router. Your router is the device that receives and sends data between the internet and the internet-enabled devices in your home. Replace the default manufacturer ID and password it came with, review your security settings, and set up a guest network for visitors.

Are you ready for a search engine that prioritizes your safety and protects your data? Neeva is the world’s first private, ad-free search engine, committed to showing you the best result for every search. We will never sell or share your data with anyone, especially advertisers. Try Neeva for yourself at neeva.com.