How Firewalls Work

A firewall is a network security system that monitors and filters incoming and outgoing traffic based on predefined rules. It acts as a barrier between a trusted internal network and untrusted external networks like the internet.

Types of Firewalls

  • Packet-filtering firewalls — inspect packets against simple rule sets (source, destination, port).
  • Stateful inspection firewalls — track the state of active connections for more context-aware filtering.
  • Application-layer firewalls — inspect traffic at the application level, understanding specific protocols.
  • Next-generation firewalls (NGFW) — combine traditional filtering with intrusion prevention and deeper inspection.

Example: conceptual firewall rules

    ALLOW tcp  src=ANY  dst=192.168.1.10  port=443
    DENY  tcp  src=ANY  dst=192.168.1.10  port=23

Firewalls at Home

Most home routers include a basic firewall by default. Keeping router firmware updated and disabling unused remote-management features helps maintain this protection.

Best Practices

  1. Follow the principle of least privilege — only allow traffic that is explicitly needed.
  2. Regularly review and remove outdated firewall rules.
  3. Log and monitor blocked traffic for signs of scanning or attack attempts.
  4. Combine firewalls with other layers of defense, such as endpoint protection.
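
The conceptual rules shown earlier, evaluated the way practices 1 to 3 describe, as an added example that is not part of the original page: a small Python packet filter that denies anything not explicitly allowed, collects blocked packets for logging, and reports rules that never matched as candidates for review. First-match ordering, CIDR support, the function names, and the sample packets are assumptions of this example.

```python
import ipaddress
from collections import Counter

# The two conceptual rules from the page, in the page's own syntax.
RULES_TEXT = """\
ALLOW tcp  src=ANY  dst=192.168.1.10  port=443
DENY  tcp  src=ANY  dst=192.168.1.10  port=23
"""

def parse_rules(text):
    """Parse 'ACTION proto key=value ...' lines into rule dicts."""
    rules = []
    for line in text.strip().splitlines():
        action, proto, *fields = line.split()
        rule = {"action": action, "proto": proto, "text": " ".join(line.split())}
        rule.update(f.split("=", 1) for f in fields)
        rules.append(rule)
    return rules

def field_matches(pattern, value):
    """ANY matches everything; an address pattern may be one IP or a CIDR block."""
    if pattern == "ANY" or pattern == str(value):
        return True
    return "." in pattern and ipaddress.ip_address(value) in ipaddress.ip_network(pattern, strict=False)

def evaluate(rules, packet, hits):
    """First matching rule wins (assumed ordering); count the hit for later review."""
    for rule in rules:
        if (rule["proto"] == packet["proto"]
                and all(field_matches(rule[k], packet[k]) for k in ("src", "dst", "port"))):
            hits[rule["text"]] += 1
            return rule["action"]
    return "DENY"  # least privilege: traffic no rule allows is denied by default

def run(rules, packets):
    """Return per-packet verdicts, the blocked-traffic log, and rules that never matched."""
    hits = Counter()
    verdicts = [evaluate(rules, p, hits) for p in packets]
    blocked = [p for p, v in zip(packets, verdicts) if v == "DENY"]
    unused = [r["text"] for r in rules if hits[r["text"]] == 0]
    return verdicts, blocked, unused

# Constructed sample traffic; 203.0.113.7 is a documentation address, not a real host.
PACKETS = [
    {"proto": "tcp", "src": "203.0.113.7", "dst": "192.168.1.10", "port": 443},
    {"proto": "tcp", "src": "203.0.113.7", "dst": "192.168.1.10", "port": 22},
    {"proto": "udp", "src": "203.0.113.7", "dst": "192.168.1.10", "port": 443},
]

print(run(parse_rules(RULES_TEXT), PACKETS))
```

With a default-deny policy the port 22 and UDP packets are blocked even though no rule names them, and the explicit port 23 rule shows up as never matched in this sample.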