BotNet News

Firewall is a network security solution that monitors and filters incoming and outgoing network traffic to prevent and mitigate cyber threats. As your organization’s first line of defense, it blocks incoming threats based on a set of pre-programmed rules.

The term “firewall” was coined in the 1980s by researchers at Digital Equipment Corp (DEC) and has since grown to become a widely used term in cybersecurity. However, the firewall’s roots go back much further, and multiple creators have expanded on various firewall-related components and versions over time.

A firewall is a programmable filter between your computer or network and the internet that tries to match information attempting to enter your system against a series of technical statements, known as firewall rules, that tell it what to do. When a rule is matched, the firewall takes an action and either passes or discards the packet of data.

Different types of firewall solutions employ differing methods to process incoming and outgoing network traffic. In general, firewalls vet external connections by looking at IP source and destination addresses, as well as port numbers that designate the purpose of each data packet.

Most of the time, a packet of data that reaches your firewall will use one of three major transport layer protocols: TCP, UDP, or ICMP. Each of these protocols have a unique identifier that allows the firewall to differentiate between different communication sessions and identify malicious attempts to gain access. A stateful inspection firewall checks the contents of a packet by comparing it to a table of existing connections and either allows or denies it based on the context of the entire communication session.