A firewall is a system of programs that controls traffic between two networks, which could be databases or directly connected systems, usually according to rules established by the administrator. Think of it as the guard at the gate of the network, deciding who can enter or leave based on those rules. Firewalls have long been a staple of personal computers and enterprise networks, stopping unauthorized access to the network and protecting sensitive information.
Packet-Filtering Firewall: The packet-filtering firewall is the most basic type of firewall. It looks at the packets of data moved between computers and allows or blocks traffic based on rules, usually keyed on the IP address, port number, and/or protocol. While it is simple and fast, it does not look at the actual data transferred, leaving it open to more complex attacks.
Stateful Inspection Firewall: Stateful inspection firewalls add more sophistication than packet filtering alone. With a stateful inspection firewall, all transfers are examined and the state of each established connection is tracked. The firewall is therefore aware of the traffic before and after an event and can recognize behavior that falls outside expected limits.
Proxy Firewall: A proxy firewall is an application-layer firewall. It works by acting as an intermediary between the user and the internet. A proxy firewall filters traffic at the application level (HTTP, FTP…), making it well suited to content filtering and user authentication; however, it can slow network performance because of the additional processing.
Next-Generation Firewall: A next-generation firewall (NGFW) combines a traditional firewall with additional features for intrusion prevention, deep packet inspection, application awareness, etc. This is valuable in enterprise networks that face increasingly sophisticated and evolving cyber threats.
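The difference between the packet-filtering and stateful inspection firewalls described above, as an added Python example that is not part of the original glossary entry. The rule set, the addresses (documentation ranges) and names such as `stateless_allow` and `StatefulFirewall` are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str
    outbound: bool  # True when the packet leaves the protected network

def stateless_allow(p: Packet) -> bool:
    """Packet filter: decides from the header fields of this packet alone."""
    if p.proto != "tcp":
        return False
    if p.outbound:
        return p.dport == 443   # internal clients may reach HTTPS servers
    return p.sport == 443       # "reply" rule: anything arriving from port 443

class StatefulFirewall:
    """Stateful inspection: inbound traffic must belong to a tracked connection."""
    def __init__(self):
        self.connections = set()  # (client, client_port, server, server_port, proto)

    def allow(self, p: Packet) -> bool:
        if p.proto != "tcp":
            return False
        if p.outbound:
            if p.dport != 443:
                return False
            self.connections.add((p.src, p.sport, p.dst, p.dport, p.proto))
            return True
        # Inbound: reverse the tuple and require a connection opened from inside.
        return (p.dst, p.dport, p.src, p.sport, p.proto) in self.connections

def compare(packets):
    """Return (stateless_verdict, stateful_verdict) for each packet, in order."""
    fw = StatefulFirewall()
    return [(stateless_allow(p), fw.allow(p)) for p in packets]

# Constructed sample traffic.
SAMPLE = [
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "tcp", True),   # client opens HTTPS
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "tcp", False),  # genuine reply
    Packet("198.51.100.7", 443, "10.0.0.5", 3389, "tcp", False),   # unsolicited inbound
    Packet("10.0.0.5", 50001, "203.0.113.10", 25, "tcp", True),    # outbound, not permitted
]

if __name__ == "__main__":
    for p, (sl, sf) in zip(SAMPLE, compare(SAMPLE)):
        print(f"{p.src}:{p.sport} -> {p.dst}:{p.dport} stateless={sl} stateful={sf}")
```

The third packet is the one to watch: the header-only rule accepts it because its source port matches, while the stateful firewall drops it because no internal host opened that connection.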
You may have come across hardware and software firewalls. Hardware firewalls are physical devices often placed at the perimeter of the network, while software firewalls are programs that run on devices like laptops and servers. Many organizations implement both as part of layered security.
Protection from unauthorized access: A firewall prevents unauthorized users and unwanted traffic from accessing private networks, which is essential for effective data protection in homes and businesses.
Prevent malware from spreading: A properly configured firewall can stop viruses, worms, and malicious software from entering or spreading across a network.
Monitoring and logging: Many firewalls log all traffic data, which gives administrators a valuable tool to watch for breaches and monitor suspicious activity or usage, and is useful for evaluating threats.
Flexible rules: Users or administrators can configure firewall rules specific to any situation, such as preventing social media on work computers, or only allowing remote access by authorized devices.
Meeting standards: Firewalls are often required to meet regulatory requirements like PCI DSS, HIPAA, or GDPR, especially in industries like finance and healthcare.
Let us say a medium-sized company that deals with financial data wants to implement a combination of both hardware and software firewalls. The hardware firewall would be the first layer of protection at the network gateway, filtering the company’s external traffic coming from the outside world. Software firewalls on each workstation would ensure that internal devices are not communicating with undesired external software or unknown external IPs. Layering hardware and software firewalls in this way leaves less opportunity for a data breach by hackers or for ransomware.