What Is A Firewall?
You may have heard the term ‘firewall’ used in connection with IT or Internet security, or perhaps in its literal sense – a wall which actually stops fire. But what is a firewall? What does it do? How does it work? Why is it important for network security?
Video: Network Firewall Questions Answered
Find answers in this short explainer video from PowerCert Animated Videos. (FYI – PowerCert have lots more great IT and technology related videos on their channel).
Video transcript: What is a firewall? Now a firewall is a system that is designed to prevent unauthorized access from entering a private network by filtering the information that comes in from the internet.
A firewall blocks unwanted traffic and permits wanted traffic. So a firewall’s purpose is to create a safety barrier between a private network and the public internet because out on the internet, there’s always going to be hackers and malicious traffic that may try to penetrate into a private network to cause harm and a firewall is the main component on a network to prevent this.
A firewall is especially important to a large organization that has a lot of computers and servers in them because you don’t want all those devices accessible to everyone on the internet where a hacker can come in and totally disrupt that organization. So that’s why you need a firewall to protect them.
So a firewall that’s used in computer networks is very similar to how a firewall works in a building structure. In fact that is where the word “firewall” came from. A firewall in a building structure provides a barrier, so that in the event of an actual fire on either side of the building, the firewall is there to keep the fire contained and to keep it from spreading over to the other side.
So the firewall is there to keep the fire from destroying the entire building. But if the firewall wasn’t here, the fire would spread over to the other side and then the whole building would be destroyed. A network firewall works in a similar way as a structure firewall. It stops harmful activity before it can spread into the other side of the firewall and cause harm to a private network. So in today’s high-tech world, a firewall is essential to every home and especially in a business or an organization to keep their network safe.
Now a firewall works by filtering the incoming network data and determines by its rules if it’s allowed to enter a network and these rules are also known as an “access control list”. These rules are customizable and are determined by the network administrator. The administrator decides not only what can enter a network but also what can leave a network. So these rules either allow or deny permission.
So as an example here, we have some rules in a firewall’s access control list and it shows a list of IP addresses that have been allowed or denied by this firewall. As you can see, traffic from some IP addresses is allowed to enter this network. But traffic from one IP address has been denied.
So if traffic from this IP address tried to get into this network, the firewall will deny it because of the rules that are set in the firewall. But the other IP addresses are granted access because the rules allow them. Now firewalls don’t just make rules based on IP addresses. But they can also make rules based on domain names, protocols, programs, ports and keywords.
So let’s say in this example the firewall rules are controlling access by port numbers and let’s say that the rules have allowed incoming data that’s using port number 80, 25 and 110 and the data using those ports had been given access to this network. So any incoming data that’s using those ports can pass through the firewall. But also in this firewall, the rules have denied any data that’s using port numbers 23 and 3389. So any incoming data that’s using those port numbers, the firewall will deny access and it won’t get past the firewall.
So in a nutshell, this is how firewalls basically work. Now firewalls do come in different types and one type is called a host-based firewall and this is a software firewall. This is the kind of firewall that is installed on a computer and it protects that computer only and nothing else.
So for example, later versions of Microsoft operating systems come pre-packaged with a host-based firewall and you can see that example here and there are also third party host-based firewalls that can be purchased and installed on a computer. So for example, ZoneAlarm, which is a popular third party host-based firewall and also a lot of antivirus programs will have a built-in host-based firewall.
Another type of firewall is called a network-based firewall. A network-based firewall is a combination of hardware and software and it operates at the network layer and it is placed between a private network and the public internet.
But unlike a host-based firewall where it only protects that computer, a network-based firewall protects the entire network and it does this through management rules that are applied to the entire network so that any harmful activity can be stopped before it reaches the computers.
Now network-based firewalls can be a standalone product, which is mainly used by large organizations and they can also be a built-in component of a router which is what a lot of smaller organizations rely on or they can also be deployed in a service provider’s cloud infrastructure.
Now a lot of organizations will use both network-based and host-based firewalls. They will use a network-based firewall to protect the entire network as a whole and they will also use host-based firewalls for their individual protection for their computers and servers. By doing this, it will ensure maximum protection because if harmful data just so happens to get past the network firewall, the host-based firewalls on each computer will be there to stop it.
So thank you everyone for watching this video on firewalls. Please subscribe and I will see you in the next video. Thank you.
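Added example, not part of the video or the original page: a minimal access control list evaluator in Python that uses the port numbers from the transcript (80, 25 and 110 allowed; 23 and 3389 denied). The first-match rule order, the implicit default deny, the outbound rule for port 443 and the IP addresses (taken from the reserved documentation ranges) are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    direction: str               # "in" (entering the network) or "out" (leaving it)
    source: str = "0.0.0.0/0"    # CIDR block the packet's source address must fall in
    port: Optional[int] = None   # destination port; None matches any port

    def matches(self, direction: str, src_ip: str, dst_port: int) -> bool:
        return (self.direction == direction
                and ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.source)
                and self.port in (None, dst_port))


# Constructed rule set. The port numbers come from the transcript; the
# addresses and the outbound rule are assumptions for this example.
ACL = [
    Rule("deny", "in", source="203.0.113.7/32"),  # one blocked source address
    Rule("deny", "in", port=23),                  # Telnet
    Rule("deny", "in", port=3389),                # Remote Desktop
    Rule("allow", "in", port=80),                 # HTTP
    Rule("allow", "in", port=25),                 # SMTP
    Rule("allow", "in", port=110),                # POP3
    Rule("allow", "out", port=443),               # assumed outbound HTTPS rule
]


def evaluate(direction, src_ip, dst_port, acl=ACL):
    """Return (action, matched_rule). First match wins; no match means deny."""
    for rule in acl:
        if rule.matches(direction, src_ip, dst_port):
            return rule.action, rule
    return "deny", None  # implicit default deny


if __name__ == "__main__":
    for pkt in [("in", "198.51.100.10", 80), ("in", "198.51.100.10", 3389),
                ("in", "203.0.113.7", 80), ("in", "198.51.100.10", 8080),
                ("out", "192.0.2.20", 23)]:
        action, rule = evaluate(*pkt)
        print(pkt, "->", action, "(default)" if rule is None else rule)
```

Because the first matching rule decides, moving the address deny rule below the port 80 allow rule would let the blocked address reach port 80.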