BotNet News

Firewalls protect networks by monitoring all the data packets that go into and out of a network, and then comparing them to a set of pre-configured criteria. The firewall blocks those packets that do not meet these criteria, or a specific policy. This prevents unwanted malware, viruses, or other malicious threats from entering the network and causing potential harm to the system or the data stored within it.

In schools, for instance, firewalls are used to filter websites and content that are inappropriate or unsafe for students — such as online advertising, games, fraudulent sites that host malware, or social media platforms. The same is true for businesses, where firewalls can prevent employees from accessing non-work related websites and applications that distract them or interfere with work flow.

Deep packet inspection (DPI) is a feature of some firewalls that examines incoming and outgoing data packets to ensure no harmful information is attached. This is accomplished by examining the packets at the application layer, or OSI model session layer, and checking both the packet payload (data) and headers.

A firewall may also have integrated intrusion detection and prevention systems to detect unauthorized attempts at breaching the network perimeter, such as an IPS that identifies malicious traffic based on its characteristics. Modern firewalls may also offer a zero-trust policy, which assumes that all network connections are potentially dangerous and applies additional security layers to each host that is granted access to the network.