A firewall is a online security measure to protect your computer from viruses and other malicious attacks. You can use the internet to communicate with around 4.9 billion people worldwide, according to the International Telecommunication Union (opens in new tab), and access more knowledge than at any other time in history.
To stop this from happening, a firewall controls the data flowing between your computer and the internet, according to the Canadian Conference on Electrical and Computer Engineering (opens in new tab). Think of this like a border guard checking your passport when you go on holiday. A firewall inspects data to make sure it has the right permissions. If it does, it can pass through — if it doesn't, it's instantly blocked.
Firewall security: your first line of defence
A firewall works at your computer's ports. When we're talking about computer networking, a port isn't the same as a jack or socket you plug your monitor into. Rather it's a virtual entry point where your computer exchanges information with other networks.
Every computer has lots of ports, each of which handles different kinds of data. For instance, according to the Internet Measurement Conference (IMC) (opens in new tab), emails often go to port 25 while webpages go to port 80 — even though they both come through the same internet connection.
When a firewall checks if data can enter your network, it'll read a message that comes with it called metadata. This will list a string of numbers indicating where the data has come from (known as the source address), where it's going (the 'destination address' aka your PC) and over which port.
Whether the data has permission will all depend on a set of rules known as a protocol, which a computer's owner or an IT manager can adjust any they want, according to the journal Stanford Law Review (opens in new tab). As well as restricting what types of files you can download onto your computer, these rules can be set to prevent you — or any other particular user – from uploading certain files to the internet.
Most likely, your firewall is installed as a program on your computer. But there are also hardware firewalls that plugin between your computer and internet router. However, hardware firewalls still rely on software to monitor ports. So the only real difference between firewall software and firewall hardware is that one filters data on individual computers, while the other does it for whole computer networks If you're extra concerned about your cybersecurity, you can use both software and hardware firewalls.
How firewalls protect data
A video file isn't sent from YouTube to your computer as a single file. Instead, it's broken down into smaller pieces called data packets, which reassemble once you receive them, according to the website security company Cloudflare (opens in new tab). Packet-filtering firewalls will check each data packet to make sure it has permission to pass through your network.
While this remains the most common type of firewall, it was developed in the late 1980s. Cybercriminals have become a lot more sophisticated since then. To compensate, new types of firewalls have emerged.
Stateful packet inspection firewalls don't just assess each data packet, according to the book Configuring Juniper Networks NetScreen & SSG Firewalls (opens in new tab). It also makes sure they all come from the same network connection. Meanwhile, the way we use the internet has changed. You're much more likely to use an app than a website, which works very differently, often switching between ports. So new application-layer firewalls have to analyse the actual data, not just read the metadata.
You can read about five different types of firewall in this article by Tech Target (opens in new tab). To learn more about Web Application Firewall (WAF), watch this informative video by website security company Cloudflare (opens in new tab).
- "Individuals using the Internet (opens in new tab)". International Telecommunication Union (2022).
- "Design a hardware network firewall on FPGA (opens in new tab)". Canadian Conference on Electrical and Computer Engineering (2011).
- "Unexpected means of protocol inference (opens in new tab)". Internet Measurement Conference (IMC). Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
- "Architecture of Consent: Internet Protocols and Their Legal Implications (opens in new tab)". Stanford Law Review (2004).
- "Configuring Juniper Networks NetScreen & SSG Firewalls (opens in new tab)". Networking, Security and the Firewall (2007).