Learn the Definition of a Network Firewall

Network firewalls protect an entire network from intrusions

Female Filipino IT technician working at laptop in server room


Sidekick / Getty Images 

A network firewall protects a computer network from unauthorized access. It might take the form of a hardware device, a software program, or a combination of the two.

Network firewalls guard an internal computer network against malicious access from the outside, such as malware-infested websites or vulnerable open network ports. You can find network firewalls in homes, schools, businesses, and intranets.

A network firewall also can be configured to limit the access of internal users to outside connections, as in the case of parental controls or workplace locks. Both of these features commonly prevent access to gambling and adult websites, among many other content types.

How a Firewall Works

Used to its full potential, a firewall constantly monitors all incoming and outgoing traffic. A firewall differs from a simple traffic analyzer, though, in that a network administrator can take action to control that traffic.

A firewall might disable particular applications from accessing the network, block URLs from loading, and prevent traffic through certain network ports.

Some firewalls can even be used to block everything except users and actions you specifically allow. This granular approach lets you block all activity on a network so that you can manually set up safeguards against network-related threats.

Network Firewall Software and Broadband Routers

Many home network router products include built-in firewall support. The administrative interface of these routers includes configuration options for that firewall. You can turn off (disable) a firewall entirely, or set it up to filter certain types of network traffic through firewall rules.

To learn more about firewalls and how to check that your router supports one, read up on how to enable your wireless router's built-in firewall.

Network Firewalls vs. Computer Firewalls

You can install some software firewall programs directly onto the hard drive of the computer that needs it. Some antivirus programs include built-in firewalls too. As with a network firewall, you can disable a computer-based firewall. These types of firewalls, however, protect only the computers that run them. In contrast, network firewalls protect the entire network and generally are installed at the network gateway.

Forms of Network Firewalls

Network administrators have a broad choice of approaches when choosing and configuring protection for the networks they oversee. Types of firewalls include:

  • Proxy firewall: A proxy firewall acts as an intermediary between internal computers and external networks by receiving and selectively blocking data packets at the network boundary. They provide an extra measure of safety by hiding internal LAN addresses from the outside internet. In a proxy server firewall environment, network requests from multiple clients appear to the outsider as all coming from the same proxy server address.
  • Stateful inspection firewall: This is the kind of firewall that probably comes to mind first. It provides end-to-end monitoring of traffic and uses rules that network administrators set to govern access. These rules are based on protocols, ports, and states.
  • Unified threat management (UTM) firewall: This setup incorporates antivirus and malware detection into a traditional stateful inspection firewall. A UTM firewall is often part of a network management package that might include other functions such as cloud administration.
  • Next-generation firewall (NGFW): As the name suggests, an NGFW goes beyond traditional approaches with far more sophisticated protection against attack. The technologies of NGFWs continue to evolve along with network protection strategies and the ever-increasing range and types of network threats.
  • What's the definition of 'implicit deny' for firewalls?

    An implicit deny is a firewall rule particularly relevant to the Access Control List (ACL). Implicit deny indicates that any traffic that isn't explicitly allowed is implicitly denied.

  • What is a firewall WEP key?

    WEP (wired equivalent privacy) is a standard network protocol that adds security to a network. WEP uses data encryption based on a combination of user- and system-generated key values.

Was this page helpful?