What is a Firewall?
Firewall is a network security solution that monitors incoming and outgoing data packets to protect the network from cyberattacks like viruses or hackers. It acts as a protective wall that guards a private internal network from the Internet to prevent malware and other malicious threats from entering or leaving a business or home network.
The firewall is often a hardware device that checks for and identifies data packets that have been compromised or modified before allowing them to pass through. It may also offer additional security functionalities such as Network Address Translation (NAT), Virtual Private Networking, Enhanced Firewall Controls and more.
As the threat landscape evolves, so do the technologies that drive cybersecurity solutions. The Morris worm and other malware attacks in the late 1980s drove anti-virus product development. The Morris worm attack also highlighted the need for stronger access control and stronger security at the host level, which led to the invention of the firewall.
Firewalls are based on the principles of separating one network from another, but they can be configured with many different rules and settings. The most common type of firewall is a packet filter that examines data packets for characteristics such as the source and destination IP addresses, protocol code and port number. The firewall then compares this information to a list of permitted and blocked connections.
The packet filtering method does not necessarily block all attacks from the internet, such as Distributed Denial of Service (DDoS) attacks that attempt to overwhelm a targeted network with traffic and cause disruptions. This type of network threat requires more in-depth analysis, which led to the evolution of stateful inspection. This firewall technology allows a device to create a state table that makes decisions based on what it has learned from previous interactions.