Firewall – meaning and definition
A firewall is a computer network security system that restricts internet traffic into, out of, or within a private network.
This software or dedicated hardware-software unit functions by selectively blocking or allowing data packets. It is typically intended to help prevent malicious activity and to prevent anyone—inside or outside a private network—from engaging in unauthorized web activities.
What is a firewall?
Firewalls can be viewed as gated borders or gateways that manage the travel of permitted and prohibited web activity in a private network. The term comes from the concept of physical walls being barriers to slow the spread of fire until emergency services can extinguish it. By comparison, network security firewalls are for web traffic management — typically intended to slow the spread of web threats.
Firewalls create ‘choke points’ to funnel web traffic, at which the traffic is reviewed against a set of programmed parameters and acted upon accordingly. Some firewalls also track the traffic and connections in audit logs to reference what has been allowed or blocked.
Firewalls are typically used to gate the borders of a private network or its host devices. As such, firewalls are one security tool in the broader category of user access control. These barriers are typically set up in two locations: on dedicated computers on the network, or on the user computers and other endpoints themselves.
How do firewalls work?
A firewall decides which network traffic is allowed to pass through and which traffic is deemed dangerous. Essentially, it works by filtering out the good from the bad, or the trusted from the untrusted. However, before we go into detail, it helps to understand the structure of web-based networks.
Firewalls are intended to secure private networks and the endpoint devices within them, known as network hosts. Network hosts are devices that ‘talk’ with other hosts on the network. They send and receive traffic between internal networks, as well as outbound and inbound between external networks.
Computers and other endpoint devices use networks to access the internet and each other. However, the internet is segmented into sub-networks or ‘subnets’ for security and privacy. The basic subnet segments are as follows:
External public networks typically refer to the public/global internet or various extranets.
Internal private networks are home networks, corporate intranets, and other ‘closed’ networks.
Perimeter networks are border networks made of bastion hosts, which are dedicated computer hosts with hardened security that are ready to endure an external attack. As a secured buffer between internal and external networks, these can also be used to house any external-facing services provided by the internal network (e.g., servers for web, mail, FTP, VoIP). These are more secure than external networks but less secure than internal networks. They are not always present in simpler networks like home networks but may often be used in organizational or national intranets.
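The sketch below is an added example, not code from any firewall product. It shows how a choke point can classify traffic by the three segments above, review it against an ordered rule set, and record each decision in an audit log. The address ranges, the rules, and the block-by-default behaviour are assumptions chosen for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed address plan for the internal and perimeter segments (assumption).
ZONES = {
    "internal": ipaddress.ip_network("10.0.0.0/24"),
    "perimeter": ipaddress.ip_network("192.0.2.0/28"),
}

def zone_of(addr):
    """Map an address to its segment; anything unlisted counts as external."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "external"

@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    proto: str
    dport: int
    action: str  # "allow" or "block"

# Ordered rule set (constructed): first match wins, unmatched traffic is blocked.
RULES = [
    Rule("external", "perimeter", "tcp", 443, "allow"),  # public web server
    Rule("external", "perimeter", "tcp", 25, "allow"),   # public mail server
    Rule("internal", "external", "tcp", 443, "allow"),   # outbound browsing
    Rule("internal", "perimeter", "tcp", 22, "allow"),   # admin access to bastion hosts
]

def filter_packet(src, dst, proto, dport, audit_log):
    """Return 'allow' or 'block' and append the decision to the audit log."""
    sz, dz = zone_of(src), zone_of(dst)
    action, matched = "block", "default-deny"  # assumption: block unless a rule allows
    for i, r in enumerate(RULES):
        if (r.src_zone, r.dst_zone, r.proto, r.dport) == (sz, dz, proto, dport):
            action, matched = r.action, f"rule-{i}"
            break
    audit_log.append(f"{action} {proto} {src}({sz}) -> {dst}({dz}):{dport} [{matched}]")
    return action
```

Because no rule names the internal segment as a destination for external traffic, an inbound connection to an internal host falls through to the default and is logged as blocked, while the same connection to a perimeter web server is allowed.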
Top ten firewall hardware
Bitdefender BOX
Cisco Firepower
CUJO AI Smart Internet Security Firewall
Fortinet FortiGate® 6000F Series
Netgear ProSAFE
Palo Alto Networks PA-7000 Series
Netgate pfSense Security Gateway Appliances
SonicWall Network Security Firewalls
Sophos XG Firewall
WatchGuard Firebox (T35 and T55)