A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between a trusted internal network and an untrusted external network (like the internet), filtering traffic to prevent unauthorized access and malicious activity.
Key Functions:
- Packet Filtering: Firewalls examine each data packet (the basic unit of data transmitted over a network) and decide whether to allow or block it based on rules such as:
  - Source and Destination IP addresses: Restricting traffic from or to specific IP addresses.
  - Source and Destination ports: Controlling access to specific applications and services.
  - Protocols: Blocking or allowing specific protocols like TCP, UDP, and ICMP.
- State Inspection: More advanced firewalls maintain a record of network connections, allowing them to track the state of ongoing communication sessions and make more informed decisions about which traffic to allow.
- Intrusion Detection and Prevention: Some firewalls incorporate intrusion detection and prevention systems (IDPS) to identify and block malicious traffic, such as malware, viruses, and exploits.
- Application Control: Modern firewalls can control access to specific applications, such as social media, gaming, and streaming services.
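The difference between packet filtering and state inspection described above can be seen in a small model. This is an added example, not code from the original page; the packet fields, rule format, class name and addresses are constructed for illustration.

```python
from collections import namedtuple

# Constructed model: field names, rules and addresses are illustrative assumptions.
Packet = namedtuple("Packet", "src dst sport dport proto direction")

OUT_HTTPS = {"match": {"direction": "out", "proto": "tcp", "dport": 443}, "action": "allow"}
# A stateless filter needs this rule so that server replies can get back in.
IN_FROM_443 = {"match": {"direction": "in", "proto": "tcp", "sport": 443}, "action": "allow"}

def stateless_filter(pkt, rules):
    """Check one packet against the rules; first match wins, default deny."""
    for rule in rules:
        if all(getattr(pkt, field) == value for field, value in rule["match"].items()):
            return rule["action"]
    return "deny"

class StatefulFirewall:
    """Tracks allowed outbound connections; inbound must match a tracked one.
    Simplified: no TCP flag checks, timeouts or inbound service rules."""
    def __init__(self, outbound_rules):
        self.rules = outbound_rules
        self.connections = set()

    def filter(self, pkt):
        if pkt.direction == "in":
            # A reply is the tracked connection with endpoints swapped.
            original = (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto)
            return "allow" if original in self.connections else "deny"
        action = stateless_filter(pkt, self.rules)
        if action == "allow":
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto))
        return action

# Constructed sample traffic (documentation address ranges).
REQUEST = Packet("192.0.2.10", "198.51.100.5", 50000, 443, "tcp", "out")
REPLY = Packet("198.51.100.5", "192.0.2.10", 443, 50000, "tcp", "in")
UNSOLICITED = Packet("203.0.113.9", "192.0.2.10", 443, 22, "tcp", "in")

def compare():
    """Return each firewall's verdicts for the three sample packets."""
    packets = [REQUEST, REPLY, UNSOLICITED]
    stateful = StatefulFirewall([OUT_HTTPS])
    return {
        "stateless": [stateless_filter(p, [OUT_HTTPS, IN_FROM_443]) for p in packets],
        "stateful": [stateful.filter(p) for p in packets],
    }

if __name__ == "__main__":
    print(compare())
```

The stateless rule set admits the unsolicited inbound packet because it only sees a matching source port, while the stateful firewall drops it because no tracked outbound connection corresponds to it.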
Types of Firewalls:
- Packet Filtering Firewalls: Basic firewalls that examine individual packets based on simple rules.
- Stateful Inspection Firewalls: More advanced firewalls that track the state of network connections.
- Application-Level Firewalls: Operate at the application layer, allowing for more granular control over network traffic.
- Next-Generation Firewalls (NGFWs): Advanced firewalls that incorporate multiple security features, such as intrusion prevention, malware detection, and URL filtering.
Example:
- A company firewall: A company might implement a firewall to:
  - Block malicious traffic: Prevent hackers from accessing internal networks and systems.
  - Restrict employee access: Prevent employees from accessing unauthorized websites or downloading malicious software.
  - Protect sensitive data: Prevent the exfiltration of confidential data from the company’s network.
Conclusion:
Firewalls are a critical component of any organization’s cybersecurity strategy. They provide a crucial first line of defense against cyber threats, protecting valuable data and resources from unauthorized access and malicious activity.