Definition of firewall
A firewall is a security device (hardware or software) that protects a network by filtering traffic and preventing unauthorized access to personal data on a computer. In addition to blocking unwanted network traffic, a firewall helps prevent malware from infecting a computer. Firewalls can provide different levels of protection. It is important to determine the level of protection needed. The following topics provide information to help you understand how firewalls work and determine what level of protection you need to protect your computer and the data it contains.
How do I know which configuration settings to use?
Most firewalls on the market, both hardware and software, are preconfigured and ready to use. All firewalls are different, so read the documentation provided to see if the default firewall configuration is appropriate for your needs. This is especially important, as the default settings are often less restrictive and can make the firewall more vulnerable to attacks. Alerts about ongoing malicious activity (e.g., CISA alerts) may contain information about restrictions you can set on your firewall.
What Does a Firewall Not Do?
Firewalls do not necessarily protect against all threats. There are still many threats that can affect your network. Malware includes ransomware, viruses, worms, spyware, adware, scams, phishing and Trojans that can infect computers and take control of them.
Other firewall functions
A firewall is placed between a network (such as the Internet) and the computer (or local network) protected by the firewall. For home users, the primary function of the firewall is to block unwanted network traffic, but a firewall can do more than that. Because the firewall sits between two networks, it can analyze the traffic entering and leaving the network and decide what to do with it. For example, a firewall can be configured to block certain types of outgoing traffic or to log suspicious traffic (or all traffic).
Hardware vs. software firewalls
Note that there are two types of firewalls: hardware firewalls and software firewalls. Hardware firewalls are, as the name suggests, physical devices similar to routers that filter network traffic. Their purpose is to protect the network and endpoints. A hardware firewall, on the other hand, attempts to protect the entire network with a single device. It is therefore vulnerable to attacks from interconnected links in the network.
Using a software firewall requires a more detailed approach, as the firewall must be installed on each local device. A software firewall is usually part of the antivirus software or operating system and works in the same way as a hardware firewall. It monitors and filters traffic, but is limited to specific end devices.