A firewall is one of the most effective methods for securing your network from external threats. In a non-technical setting, a firewall is a physical, fire-resistant wall that is designed to keep a fire from spreading from one area to the next. Similarly, a computer security firewall is a software program or a hardware device that is designed to keep malicious threats from spreading from the public network to a private network or device. Firewalls provide defense against spyware, virus attacks, and hacking. They can also help to ensure that sensitive information is kept private.

Functions of Firewalls

• Threat Mitigation: Firewalls help prevent unauthorized access and cyber-attacks by blocking malicious traffic.
• Traffic Control: They regulate network traffic, allowing only legitimate communication.
• Enhanced Security: By setting rules, firewalls protect sensitive data and ensure compliance with security

Types of Firewalls

• Software – or host-based firewalls are programs that are installed on a computer. Most modern operating systems have built-in firewall software. Microsoft, for example, provides Windows Defender Firewall. These built-in firewalls help to monitor port traffic and traffic between applications.
• Hardware – or network-based firewalls are deployed between a network and an internet gateway. In-home or small business settings, a router often has built-in firewall protection to stop unwanted traffic from the outside. Larger organizations use separate firewall devices to protect their network.

Network Profiles

The network profiles help tailor the firewall's behavior based on the network's trust level and security requirements.

• Domain Network: This is a network where the computer is connected to a domain of the company and is typically used in enterprise environments. This allows to apply settings for computers that are part of a corporate or organizational network, allowing for centralized management.
• Private Network: This is a network, such as a home or small office network, where the one or more computers can be trusted. Here, a more relaxed security settings can be applied, allowing devices within the same network to communicate more freely.
• Public Network: This is a network where the computer is connected in a public place, like a café or airport. This needs a restrictive settings to prevent unauthorized access and ensure maximum security in untrusted environments.

How Firewalls Work

A firewall works by monitoring all incoming and outgoing network traffic. The firewall decides whether to permit or deny the traffic based on a predefined set of rules.  Firewalls can monitor and filter traffic using several different methods.

Packets are small pieces of data that travel across a network. A firewall that uses packet filtering reviews each packet that tries to access a network or device. Any packets that match known threats or that have been explicitly denied are removed and all other packets are sent through to their destination.

Stateful inspection, also known as dynamic filtering, monitors the state of active network connections.  It relies on patterns to analyze and monitor traffic for potential threats.

A proxy firewall serves as a go-between for the requesting system and the internet. Information is first sent to the proxy service before it is forwarded to its destination.

Filters - Controlling Network Traffic