What is a firewall and do you need one?

A firewall is a security device — computer hardware or software — that can help protect your network by filtering traffic and blocking outsiders from gaining unauthorized access to the private data on your computer.

Not only does a firewall block unwanted traffic, it can also help block malicious software from infecting your computer.

Firewalls can provide different levels of protection. They key is determining how much protection you need.

This article can help you learn what firewalls do and determine the level of protection that will help keep your computer and the data on it safe and secure.

Firewalls are part of your network security

Firewalls represent a first line of defense in home network security.

Your home network is only as secure as its least protected device. That’s where a network security system comes in.

A firewall shouldn’t be your only consideration for securing your home network. It’s important to make sure all of your internet-enabled devices — including mobile devices — have the latest operating system, web browsers, and security software.

Another consideration? Securing your wireless router. This might include changing the name of your router from the default ID and password it came with from the manufacturer, reviewing your security options, and setting up a guest network for visitors to your home.

What does a firewall do?

A firewall acts as a gatekeeper. It monitors attempts to gain access to your operating system and blocks unwanted traffic or unrecognized sources.

A firewall acts as a barrier or filter between your computer and another network such as the internet. You could think of a firewall as a traffic controller. It helps to protect your network and information by managing your network traffic, blocking unsolicited incoming network traffic, and validating access by assessing network traffic for anything malicious like hackers and malware.

Your operating system and your security software usually come with a pre-installed firewall. It’s a good idea to make sure those features are turned on. Also, make sure your security settings are configured to run updates automatically.

How does a firewall work?

To start, a firewalled system analyzes network traffic based on rules. A firewall only welcomes those incoming connections that it has been configured to accept. It does this by allowing or blocking specific data packets — units of communication you send over digital networks — based on pre-established security rules.

A firewall works like a traffic guard at your computer’s entry point, or port. Only trusted sources, or IP addresses, are allowed in. IP addresses are important because they identify a computer or source, just like your postal address identifies where you live.

Types of firewalls

There are software and hardware firewalls. Each format serves a different but important purpose. A hardware firewall is physical, like a broadband router — stored between your network and gateway. A software firewall is internal — a program on your computer that works through port numbers and applications.

There also are cloud-based firewalls, known as Firewall as a Service (FaaS). One benefit of cloud-based firewalls is that they can grow with your organization and, similar to hardware firewalls, do well with perimeter security.

There are several different types of firewalls based on their structure and functionality. Here are the different firewalls you can implement, depending on the size of your network and the level of security you need.

Packet-filtering firewalls

A packet-filtering firewall is a management program that can block network traffic IP protocol, an IP address, and a port number. This type of firewall is the most basic form of protection and is meant for smaller networks.

While packet-filtering firewalls can be helpful, they also have limitations. Because all web traffic is allowed, it doesn’t block web-based attacks. So, you need additional protection to distinguish between friendly and malicious web traffic.

Stateful multi-layer inspection (SMLI) firewalls

The stateful multi-layer inspection firewall has standard firewall capabilities and keeps track of established connections. It filters traffic based on state, port, and protocol, along with administrator-defined rules and context. This involves using data from prior connections and packets from the same connection.

Most firewalls rely on stateful packet inspection to keep track of all internal traffic. This firewall is a step above packet-filtering in its use of multi-layer monitoring.

However, it is still unable to distinguish between good and bad web traffic, so you may need additional software.

Next-generation firewalls (NGFW)

Next-generation firewalls are more sophisticated than packet-filtering and stateful inspection firewalls. Why? They have more levels of security, going beyond standard packet-filtering to inspect a packet in its entirety. That means not just the packet header, but also a packet’s contents and source. NGFW are able to block more sophisticated and evolving security threats like advanced malware.

Network address translation (NAT) firewalls

A NAT firewall is able to assess internet traffic and block unsolicited communications. In other words, it only accepts inbound web traffic if a device on your private network solicited it.

Host-based firewalls versus network-based firewalls

There are differences between host-based and network-based firewalls, along with benefits of having both in place.

Network firewalls filter traffic going to and from the internet to secured local area networks (LAN). They typically are used by businesses that need to protect a large network of computers, servers, and employees. A network-based firewall is able to monitor communications between a company’s computers and outside sources, as well as restrict certain websites, IP addresses, or other services.

Host-based firewalls work similarly but are stored locally on a single computer or device. A host-based firewall is a software application or a suite of applications that allows for more customization. They are installed on each server, control incoming and outgoing traffic, decide whether to allow traffic to individual devices, and protect the host.

What are some of the main risks of not having a firewall?

You might already engage in certain safe computer and internet use practices, including these:

• You don’t click on unknown links or attachments.
• You only log on to trustworthy, known websites.
• You never give out any personal information unless it is absolutely necessary.
• You have strong, unique, complex passwords for each online account that you update often.

Does that make you safe enough? The answer may be “no.” If you use the internet, it’s smart to have a firewall in place. Cyberthreats are widespread and evolving. It’s important to use available defenses to help protect your network, and the personal information stored on your computer, against cybercrimes.

Here are the three main risks of not having a firewall:

Open access

Without a firewall, you’re accepting every connection into your network from anyone. You wouldn’t have any way to detect incoming threats. That could leave your devices vulnerable to malicious users.

Lost or compromised data

Not having a firewall could leave your devices exposed, which could allow someone to gain control over your computer or network. Cybercriminals could delete your data. Or they could use it to commit identity theft or financial fraud.

Network crashes

Without a firewall, attackers could shut down your network. Getting it running again, and attempting to recover your stored data, could involve your time and money.

Firewalls are a key part of security technology, especially when the different types of firewalls work together to provide an umbrella of protection. Firewalls can help keep your network, computer, and data safe and secure.