How Firewalls Work
A firewall is a network security system that monitors and filters incoming and outgoing traffic based on predefined rules. It acts as a barrier between a trusted internal network and untrusted external networks like the internet.
Types of Firewalls
- Packet-filtering firewalls — inspect packets against simple rule sets (source, destination, port).
- Stateful inspection firewalls — track the state of active connections for more context-aware filtering.
- Application-layer firewalls — inspect traffic at the application level, understanding specific protocols.
- Next-generation firewalls (NGFW) — combine traditional filtering with intrusion prevention and deeper inspection.
Example: conceptual firewall rules
ALLOW tcp src=ANY dst=192.168.1.10 port=443
DENY tcp src=ANY dst=192.168.1.10 port=23
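The following Python sketch is an added example, not part of the original page: it parses rules written in the conceptual syntax above and evaluates packets against them, so that anything not explicitly allowed is dropped. First-match ordering, the implicit default deny, IPv4-only CIDR support in src/dst, and the names Rule, parse_rule, matches and evaluate are assumptions of this example, which goes beyond the two rules shown.

```python
import ipaddress
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str                             # "ALLOW" or "DENY"
    proto: str                              # "tcp", "udp", ...
    src: Optional[ipaddress.IPv4Network]    # None means ANY
    dst: Optional[ipaddress.IPv4Network]    # None means ANY
    port: Optional[int]                     # None means ANY

def _net(value):
    # "ANY" matches every address; a bare IP becomes a /32 network.
    return None if value.upper() == "ANY" else ipaddress.IPv4Network(value, strict=False)

def parse_rule(line):
    """Parse one rule written in the page's conceptual syntax."""
    action, proto, *fields = line.split()
    if action not in ("ALLOW", "DENY"):
        raise ValueError(f"unknown action: {action!r}")
    kv = dict(f.split("=", 1) for f in fields)
    port = kv.get("port", "ANY")
    return Rule(action, proto.lower(),
                _net(kv.get("src", "ANY")), _net(kv.get("dst", "ANY")),
                None if port.upper() == "ANY" else int(port))

def matches(rule, proto, src, dst, port):
    return (rule.proto == proto
            and (rule.src is None or ipaddress.IPv4Address(src) in rule.src)
            and (rule.dst is None or ipaddress.IPv4Address(dst) in rule.dst)
            and (rule.port is None or rule.port == port))

def evaluate(rules, proto, src, dst, port):
    """First matching rule wins; unmatched traffic is denied."""
    for index, rule in enumerate(rules):
        if matches(rule, proto, src, dst, port):
            return rule.action, index
    return "DENY", None    # implicit default deny, no rule to attribute

# The two rules from the page, in order.
RULES = [parse_rule(line) for line in (
    "ALLOW tcp src=ANY dst=192.168.1.10 port=443",
    "DENY tcp src=ANY dst=192.168.1.10 port=23",
)]

if __name__ == "__main__":
    # Constructed sample packets (203.0.113.7 is a documentation address).
    for port in (443, 23, 22):
        print(port, evaluate(RULES, "tcp", "203.0.113.7", "192.168.1.10", port))
```

With a default deny in place, the port 23 rule does not change the verdict for Telnet traffic; it only ties the denial to a named rule, which makes blocked attempts easier to attribute in logs.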
Firewalls at Home
Most home routers include a basic firewall by default. Keeping router firmware updated and disabling unused remote-management features helps maintain this protection.
Best Practices
- Follow the principle of least privilege — only allow traffic that is explicitly needed.
- Regularly review and remove outdated firewall rules.
- Log and monitor blocked traffic for signs of scanning or attack attempts.
- Combine firewalls with other layers of defense, such as endpoint protection.