What Is a Firewall and How Does it Work?

You don't have to be a network expert to set up your own firewall

A firewall is a security tool that protects your network from hackers. Whether you're using a home internet connection, or you're accessing the internet from your company's corporate network, understanding what a firewall is and how it works is important.

A network firewall will keep out hackers attempting to exploit vulnerabilities in a network connected to the internet. It does this by blocking certain types of communication over networks. However, sometimes this can cause problems with certain applications.

If you understand what a firewall can do, you can avoid any problems it can cause.

Firewall Definition

A firewall is either a hardware device or a software app that filters all incoming and outgoing network traffic. The firewall will allow or block traffic depending on how it was configured.

In most cases, a network firewall is a hardware device placed on the network between the internal Local Area Network (LAN) and the external internet. In the case of a computer, the firewall is usually a software application.

For example, Windows 10 comes with an application called Windows Defender Firewall, which filters all incoming and outgoing internet traffic for the computer.

Firewalls allow you to create incoming or outgoing "rules" for specific applications, communication protocols (like FTP or HTTP), or even special rules for communication to or from specific computers or network ports.

What Does a Firewall Do?

A firewall will examine incoming and outgoing traffic in different ways, depending on the type of firewall you're using.

  • Packet Filtering: The most common type of firewall is one that inspects every individual network packet as it's transmitted through the firewall. The firewall examines what's known as the "packet header" to determine what the packet of information is, where it's coming from, and where it's going. The firewall makes allow or deny decisions for each individual packet.
  • Stateful Firewall: This type of firewall also examines the connection state of a packet and collects multiple packets related to that connection. The firewall rules are then applied to the entire group of packets at a time. This improves performance because once a connection is made, the firewall doesn't have to constantly monitor and allow or deny packets.
  • Application Firewall: This firewall can sort packets by the related applications or services running on your computer. Firewalls of this type are called proxy-based firewalls. They can improve performance because you can set allow or deny rules for individual applications.

If a device such as a router or some other firewall device is handling network firewall filtering, it will often include one or more of these firewall types.

Network traffic consists of Transmission Control Protocol (TCP) communication, which sends information in groups known as "packets", each of which includes a header. The packet header reveals the source and destination addresses of the packet, as well as other metadata about it, including connection state. Firewalls use packet headers to apply rules.

How Firewall Rules Work

Setting up firewall rules is generally the same regardless of whether you're setting up a software or hardware firewall.

You start by creating a new rule and choosing the type of firewall rule you want to create.

In Windows Defender Firewall, for example, you can create a rule for a specific program, a port and IP address, or customize your own.

For each rule you create, you'll need to define whether you want the firewall to block or allow the connection if the incoming packets match the rule you've defined.
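
The allow-or-block rule matching described above, and the difference between packet filtering and a stateful firewall, shown as an added example that is not code from the original article: a first-match rule table evaluated over constructed packet headers. The LAN range, the rule set, the sample packets and the `Packet`, `Rule` and `StatefulFirewall` names are assumptions made for illustration, and the connection table ignores TCP flags and timeouts.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.1.0/24")  # assumed internal network

@dataclass(frozen=True)
class Packet:  # TCP header fields only
    src: str
    sport: int
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str     # "allow" or "block"
    direction: str  # "in" or "out", relative to the LAN
    remote: str     # remote network in CIDR form
    dport: int = 0  # destination port, 0 = any port

def packet_filter(rules, pkt, default="block"):
    """Stateless: judge each packet alone; the first matching rule wins."""
    way = "out" if ip_address(pkt.src) in LAN else "in"
    remote = ip_address(pkt.dst if way == "out" else pkt.src)
    for r in rules:
        if (r.direction == way and remote in ip_network(r.remote)
                and r.dport in (0, pkt.dport)):
            return r.action
    return default  # nothing matched

class StatefulFirewall:
    """Same rules plus a connection table, so replies need no rule of their own."""
    def __init__(self, rules):
        self.rules, self.connections = rules, set()

    def handle(self, pkt):
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections:
            return "allow"  # reply to a connection that was already allowed
        verdict = packet_filter(self.rules, pkt)
        if verdict == "allow":
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return verdict

# Constructed sample rules and packets (documentation address ranges).
RULES = [Rule("block", "out", "203.0.113.0/24"),
         Rule("allow", "out", "0.0.0.0/0", 443)]
REQUEST = Packet("192.168.1.10", 50000, "198.51.100.7", 443)
REPLY = Packet("198.51.100.7", 443, "192.168.1.10", 50000)
UNSOLICITED = Packet("198.51.100.7", 443, "192.168.1.10", 50001)
```

With these rules the stateless filter blocks the server's reply because no inbound rule exists, while the stateful firewall allows that reply and still blocks the unsolicited inbound packet.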

Firewall Security

On any network, there are different locations where you can configure a firewall.

  • On individual computers or servers
  • In a home router that controls internet traffic for a home network
  • Using an internet gateway that protects a corporate network from the internet
  • With network firewall devices placed inside a home or business network to protect smaller internal networks from traffic in the larger corporate network

In most cases, corporate IT controls the firewalls on a corporate network. But if you're a home user, you have access to firewall settings on your own computers or your home router.