BotNet News

Your source for Online Security News

A firewall is a cybersecurity solution that filters data moving between the internet and your networked devices to stop malware or unwanted connections. There are both hardware and software options. Some are built in to routers to intercept traffic as it moves between the broadband router and user systems like computers, home IoT devices and more. Others are stand-alone programs that run on a computer or server and monitor the inflow and outflow of data.

Firewalls can range from free for personal use tools to enterprise-grade solutions that cost upwards of a few thousand dollars. They prevent incoming and outgoing data from reaching or impacting networked systems by filtering and authenticating incoming/outgoing packets of data based on established criteria.

This varies depending on the type of firewall, but in general it is a process that compares information in a packet to a list of pre-determined filters/flags to determine whether the data is malicious. It uses criteria such as IP addresses, domain names, port numbers and packet protocols. This approach offers a more comprehensive way of filtering than static packet-filtering firewalls, which only check each new connection versus comparing it to previously accepted connections.

Some vendors take a step further by incorporating threat intelligence to their software-based firewalls, enabling them to identify and stop attacks more quickly than human administrators can. This is called Next-Generation Firewalls or NGFW. Companies should consider augmentation of their current security policies with a NGFW, especially those with a large number of endpoints or compliance requirements that need to be addressed.