What Is a Firewall: Definition, Uses, & Benefits
If your computer network is your castle, the network firewall is the portcullis—the main gate responsible for regulating the flow of incoming and outgoing network traffic. It’s part barrier, part screening mechanism, separating your network from third-party networks and blocking unauthorized access.
To answer the question—what is a firewall?—in-depth, this guide covers the benefits of a firewall, how it works to strengthen your cyber defenses, and different types of firewalls you can use to monitor your network.
What Is a Firewall?
In the 19th century, a firewall was a physical barrier meant to prevent fire from spreading from structure to structure. Later, in automobiles, it was a metal barrier that separated the engine compartment from the passenger cabin.
The phrase was eventually co-opted by the computing industry to refer to a digital security system that places a barrier between a trusted network and an untrusted network like the internet.
Technologically speaking, a firewall is the outermost layer of a cybersecurity framework. It monitors network traffic inflows and outflows and determines whether data packets are allowed or restricted per a defined set of security rules.
As the first line of defense against malicious traffic, a firewall guards the network entry point (port), where data may be exchanged with foreign devices. Every single data file you request from an internet source will be logged and processed by the firewall.
Packets and Firewalls
The most basic form of firewall is a packet-filtering firewall. But to understand how it works, we first need to define packets.
To transmit data across the internet, data files must be broken down into smaller pieces, typically ranging from 500 bytes to 64KB, with an average size of 1500 bytes. These are referred to as data packets, which are the snippets of data sent over the Transmission Control Protocol/Internet Protocol (TCP/IP) network.
Before they can be assembled into their final form, the firewall must analyze each data packet and confirm that a device or system within your network actually requested it.
For this example, think of a firewall as a security guard at a concert. In order to enter the venue, they may ask you to funnel through a chokepoint, display tickets and proof of identification, and then request that you pass through a metal detector. A firewall functions similarly, scrutinizing each data packet to determine:
- Where it’s going
- Where it originated from
- Whether it should be allowed in, denied, or dropped
If denied, the data packet is returned to the sender. But in the more likely scenario that the data packet is dropped, the data disappears altogether.
Benefits of Firewalls
Understanding the benefits of firewall security is how you can keep your network safe from bad actors and malicious activity. Firewalls may only serve as one facet of your cybersecurity defenses, but they play an essential role in helping you:
- Monitor network traffic – Firewalls screen incoming and outgoing activity. They monitor network traffic using pre-set rules and filters to gauge the legitimacy of every piece of data. If the firewall notices suspicious activity, it will immediately prevent its entry.
- Prevent and identify malicious activity – Malware and viruses are ever-present threats to your network security. Using these nefarious tools, a hacker can secretly monitor your activity, gather your private data, or gain control of the system. Firewalls can stop these types of attacks from gaining unauthorized access. Or, if they detect ongoing hacking activity, they will notify you to eliminate the threat. Front end development for firewall security has made it easier for users to navigate their own network security. If you’re not familiar with the career of a front end developer or the average front end developer salary, then you can rely on our resource center to help familiarize yourself with this line of work.
- Restrict outgoing data – Firewalls can restrict the traffic going in and out of a network. That way, even if a hacker or malicious code successfully gains entry, the system can limit its impact by preventing the data from leaving the system without proper authorization.
- Increase privacy – In the world of cybersecurity, data privacy is paramount. It’s especially important if you store sensitive private information like payment data or healthcare records. In such cases, having a firewall is just one of several compliance steps an organization must take to strengthen its security and uphold privacy.
Firewall Policies and Rulesets
Firewalls reference pre-established policies and rulesets to decide whether a packet should be accepted, denied, or dropped. To work as intended, the security policy must clearly define how the firewall should handle traffic relating to various factors like IP addresses, address ranges, applications, protocols, and content types. Per the National Institute of Standards and Technology’s (NIST) Guidelines on Firewalls and Firewall Policy:
“Examples of policy requirements include permitting only necessary Internet Protocol (IP) protocols to pass, appropriate source and destination IP addresses to be used, particular Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports to be accessed, and certain Internet Control Message Protocol (ICMP) types and codes to be used.”
For most rulesets, it’s better to restrict all traffic except that which is expressly permitted by the firewall policy. This decreases the likelihood of an attack occurring. It also reduces the network’s traffic volumes.
How do you create a robust policy and ruleset?
The NIST framework recommends three specific actions:
- Identify all requirements that need to be considered when determining which type of firewall to implement.
- Design rulesets that match the firewall policy without detracting from the firewall’s performance.
- Manage firewall architectures, policies, and software throughout their lifecycle, regularly updating, auditing, and patching firewalls so that they align with your organizational needs.
Types of Firewalls
A firewall will fall into one of two categories: software (host-based) or hardware (network-based).
Software firewalls are programs installed onto devices that regulate incoming traffic via port numbers and applications, whereas hardware firewalls are physical devices installed to separate your network and gateway. According to Boston University:
“Network-based firewalls may be installed at the perimeter, or edge, of a network to protect a corporation from hosts on the Internet, or internally to protect one segment of the community from another, such as separating corporate and residential systems, or research systems from marketing systems.”
There are also several subcategories of firewalls that have emerged over the years, including:
- Stateful inspection firewall – When we first explained how a firewall works, this is what we referred to. A stateful inspection firewall restricts or permits traffic according to the state, port, and protocol. But to be considered “stateful,” simply having a ruleset isn’t good enough. It must also keep a historical record of the traffic. Equipped with that information, the firewall can make more complex, contextualized decisions about whether or not a packet passes.
- Proxy firewalls – Sometimes referred to as a gateway firewall or application firewall, a proxy firewall acts as the intermediary between computers and internet servers. It secures incoming and outgoing traffic for core internet protocols by caching, filtering, logging, and controlling requests at the application level. This is considered to be one of the most secure forms of firewall since it keeps networks from automatically and directly contacting your systems.
- Next-generation firewall (NGFW) – As the name implies, firewall technology has advanced over the decades, combining traditional tech—stateful inspection and packet filtering—with modern tools. NGFW will provide:
- Encrypted traffic inspection
- Intrusion prevention systems
- Anti-virus
- Deep packet inspection
- Upgrade paths for future information feeds
- Threat-focused NGFW – This type of firewall combines the capabilities of a GFW with advanced threat detection and remediation. These systems can help you identify at-risk assets, such as photos or videos, detect suspicious activity, and react to attacks. If you’re not aware of how to flag unauthorized use of your digital assets, you can do a Google Images reverse search to see if it’s been re-published on other sites.
- Network address translation (NAT) firewalls – A NAT firewall enables multiple devices with independent addresses to connect to the internet using the same IP address without revealing their individual IP addresses. This creates an extra layer of anonymity and security.
- Virtual firewall – Typically, a virtual firewall is deployed as a virtual appliance within a private or public cloud infrastructure, monitoring and securing traffic across both physical and virtual networks.
WP Engine’s Proprietary Firewall
A firewall is your company’s first line of cyber defense. It plays an essential role in protecting your network. By monitoring, screening, and restricting traffic, a firewall helps ensure that only authorized data can gain access.
At WP Engine, we seek to instill robust security measures to create a secure WordPress hosting environment without hampering website performance. Our team uses one of the best firewalls to prevent hackers that block more than 26 billion attacks each year. Armed with proactive threat detection and a host of plugin, core, and PHP updates, the system automatically detects and directs good, bad, and malicious traffic.
But the system isn’t just automated. We also provide a live security team that practices best-in-class standards to continuously monitor your risk and compliance landscape. If a security issue arises, we provide proactive alerts so that you can stop bad actors in their tracks.
Do you need an enterprise-grade solution? Our Global Edge Security provides:
- Managed Web Application Firewall (WAF)
- Advanced DDOS mitigation
- Cloudflare CDN
- SSL installation
With dedicated and advanced security, WP Engine provides the features you need for enterprise WordPress websites that are better, faster, and safer.
We’re trusted by 170,000+ customers worldwide. So, isn’t it time you migrate now?
Sources:
- Tech Target. What Are Network Packets? And How Do They Work? https://www.techtarget.com/searchnetworking/definition/packet
- NIST. Guidelines on Firewalls and Firewall Policy. https://www.govinfo.gov/content/pkg/GOVPUB-C13-f52fdee3827e2f5d903fa8b4b66d4855/pdf/GOVPUB-C13-f52fdee3827e2f5d903fa8b4b66d4855.pdf
- Boston University. How Firewalls Work. https://www.bu.edu/tech/about/security-resources/host-based/intro/