You know that well-built person who stands outside the local bar, keeping an eye out to make sure only the “right” type of person gets in so unsavory guests don’t go ruining the evening for everyone else? Well, your computer’s got a bouncer too that performs a similar task — say hello to the firewall. It protects your computer and mobile devices from unauthorized access and prevents other unwelcome users from modifying, copying, or deleting your data.
Read on to learn all you need to know about firewalls, the different types, why you need one, and how you can best protect your devices from unwelcome attempts to get at your data.
What’s a firewall, and why do I need one?
A firewall can either be a combination of a hardware and software solution or a purely software solution on a computer or network. A firewall is used to allow or deny the transfer of data between different networks based on predefined rules.
Wikipedia has a lot if info on firewalls, but here’s a summary. In 1989, the American telephone company AT&T launched what is known as a stateful firewall — the first piece of software to dynamically inspect the individual data packets of internet traffic. It was invented because threat situations existed even in the early years of the internet. These include the Morris computer worm that appeared in 1988 (Wikipedia has details about that too).
Fast-forward to today, and if you consider that only a few people used the internet in the early years and that large sections of the population now use it day in, day out without a second thought, it quickly becomes clear: Equipping computers or networks with functioning firewalls is more important than ever — and it’s even something that’s motivated insurance companies to offer cyber-insurance products. After all, not a day seems to go by without a warning about new viruses, phishing scams, and cyberattacks.
Firewalls sit at the interfaces between individual networks or computer systems. They control data traffic, for example, between the internet and private or corporate networks which contain areas with particularly sensitive data. In this regard, it must be ensured that all incoming and outgoing requests in the form of data packets are only let in and delivered where they are permitted. To do so, a firewall works according to predefined rules to open, block, and monitor the inputs and outputs (ports).
How does a firewall work?
For us as internet users, firewalls increase security by means of various mechanisms and perform a number of background tasks. These include:
- Firewalls help ensure that we get to enjoy mostly uninterrupted, yet more secure access to public networks such as the internet.
- They prevent unauthorized access to our own network.
- Firewalls ensure key processes such as authentication and identification as well as data encryption can function.
If your computer or a company network is connected to the internet, many “doors” are opened. These doors, also called ports, allow computers to communicate with each other, which they do such as when you send emails or go online. If such a port is open, theoretically anyone can use it to send or receive data over the internet. This is where a firewall comes in, protecting open ports from unauthorized access.
The more ports are open, the easier it is for intruders to gain access to the system. Unsecured communication channels, such as email settings and internet downloads, can become a gateway for attackers who can gain access to the system and install malware.
In the worst case, this malware will take control of your device. To increase your computer’s chances of detecting malware, alongside having a firewall it’s a good idea to install an antivirus app to boost your defenses. Avira Free Security , for example, adapts to your digital lifestyle and helps you protect your data and devices from cyber-threats — including those already lurking on your computer, such as weak passwords or outdated apps.
Where can I usually find a firewall?
When you purchase a Windows PC, laptop, or Mac, the operating system already comes with a pre-configured firewall to give you effective protection. These types of firewall are also called personal firewalls because they protect individual devices.
If you connect your new device to your Wi-Fi network, for example, the rules are set governing which computers your computer may communicate with and in which language. Firewalls have a reminder function, which means that they remember previous communication confirmations. For example, if you connect your computer to a familiar Wi-Fi network, it will be detected immediately and the corresponding rules will be applied automatically.
External firewalls are often used in companies or households with multiple devices. They are usually installed on a server that connects and protects the devices belonging to the network with the help of firewall software.
What are the key functional components of a firewall?
The architecture behind firewalls usually includes countless components that perform individual subfunctions as part of a complex security solution.
Proxies represent a kind of buffer from the local network to the internet. When you access a web page, your request is first directed to the proxy which executes it on your behalf and then provides you with the page.
Packet filters are routers that start routing only when the predefined rules (filter rules) allow it. To do this, they inspect the individual sections in the (TCP/UDP/ICMP) headers and compare them with your firewall’s defined rules. When you visit an unsafe website, you are warned thanks to this functional component in your firewall.
Web filters, which build on URL filters, activate and deactivate certain subfunctions of web pages with dangerous content, unwanted applications, or malware — and also protect against phishing and malware attacks.
Packet inspection is a further functional component of a firewall. It enables packets with certain data or code segments to be detected, classified, redirected, or blocked.
What types of firewall are there?
A lot has happened in the field of security solutions since the early days of the internet, making it impossible to compare today’s firewalls to the first firewall offered by AT&T. Countless solutions are now available, four of which we’ll take a closer look at:
- Proxy firewalls
- Stateful inspection firewalls
- UTM firewalls
- Next-generation firewalls
What is a proxy firewall?
We’ve already mentioned proxies as a functional component of firewalls. A proxy firewall does not allow a direct connection between your home network and the internet; rather, it accepts requests and executes them on your behalf.
For example, if your network is behind a proxy firewall and you enter an internet address in your browser, the request first goes to the firewall. It accepts the page on your behalf and does not show it to you until it is sure that your proxy firewall’s defined security rules accept the page to be visited.
While experts are of the view that this process of submitting data is a bit slower, it creates greater flexibility and allows more stringent security measures to be applied. For us users, we don’t ever notice any delay in getting the web page to show on our screens.
What is a stateful inspection firewall?
A stateful packet inspection firewall (SPI) uses a dynamic packet filtering technique that takes the state of a data connection into account when inspecting packets. For example, it detects active TCP sessions and can allow or block data packets based on the session status.
SPI offers greater security because with this technology every internet session is inspected from start to finish with regard to the protocol, port as well as source and destination address. At the same time, this reduces the number of rules to be defined within the firewall. Unlike packet filtering and connection gateways, a stateful packet inspection firewall places a greater load on network performance because queries are made continuously.
What is a UTM firewall?
UTM stands for “unified threat management”. A UTM firewall is designed to provide security for an entire network from a central location, combining various functions or security tasks in a practical way.
Whether spam protection, virus protection, content filtering, internet or VPN gateway, or two-factor authentication: A UTM firewall is certainly one of the more innovative solutions when it comes to a firewall that protects against the most diverse threat situations.
Top tip: If you often surf the internet using public Wi-Fi hotspots, such as in cafes or on trains, you could fall victim to a hacker attack and put your log in details at risk. Virtual private networks — or VPNs — boost your protection by encrypting the data you send and receive. One of the best ways to strengthen your armor is to use Avira’s free VPN so you can surf anonymously and more securely — even when using public hotspots.
What is a next-generation firewall?
Next-generation firewalls (NGFWs) represent the third generation of firewall technology and are integrated as “application layer firewalls” either in hardware or software. These firewalls can detect and block even more complex attacks by enforcing security policies at the application, port, and protocol levels.
Unlike previous firewalls, next-generation firewall solutions can specifically regulate the data packets of individual apps. This is because NGFWs can also analyze app content — and block malware.
NGFWs are therefore a true blessing especially for companies, because IT managers and admins can also use them to configure a set of rules for different users with corresponding rights.