What Is a Firewall?
A firewall is a piece of hardware or software that protects a network or individual computer from cyberattack. Firewalls examine data packets that enter the protected device or network, allowing only those with approved security credentials to do so. If a threat is detected, the packet is blocked and the malware is prevented from spreading to other devices or networks. Firewalls can be physical hardware appliances that plug into your network, software based, or even cloud based. Many operating systems (OS) include rudimentary firewall capabilities, and it’s best to keep them enabled to prevent potential attacks.
A basic firewall (sometimes called a static packet filter) operates at the OSI network layer and inspects individual data packets for where they’re from, where they’re going, and their packet protocol type. Static packet filters do not keep a record of previously accepted connections and must vet each connection each time it comes in. Newer firewalls have added stateful inspection capabilities, and next generation firewalls or NGFWs add the ability to examine application-level data packets as well.
Host-based firewalls monitor and control the inbound and outbound network traffic for each specific device they’re installed on. They can be third-party software, or they may be included with a base operating system such as Windows or MacOS. Some modern firewalls also incorporate intrusion prevention or detection systems, allowing them to stop threats by recognizing patterns in their attack signatures and preventing them from entering your network.