We hear the term firewall quite frequently these days. The reason is that they have the ability to protect networks of all sizes from many different incidental and intentional attacks. We’ll start with a bit of history. The concept of a firewall is another that cybersecurity has borrowed from another field, in this case building science. Firewalls were created in the late 1700s in an attempt to cut down on the spread of fires through cities. At the time, most buildings were timber frame construction with little or no space between exterior walls in cities. A fire that started in one house often spread quickly to the houses on each side of it starting a chain of fire that burned whole sections of towns. Firewalls were designed as brick and cement blockades that were thick and tall enough to prevent fire from traveling between houses. Network firewalls do the same thing. They prevent badness on one side of the firewall (outside the network) from migrating through the firewall and into the network. Ah, but the devil is in the details.
A network firewall prevents unauthorized access to a network. The first network firewalls were created in the 1980s and were incredibly simple. They were effective for their day and the limited inter-network traffic that existed. Firewalls became more robust as internet activity picked up in the 1990s. Now we have Next Generation Firewalls (NGFWs) and they are incredibly complex. These firewalls can filter traffic coming into a network based on an array of rules. Firewalls can be hardware, software or even on the cloud.
The settings of a firewall are where the magic happens. If they are not set properly, bad things happen. Firewall settings with minimal filters and controls allow most of all traffic to pass through the network. This creates a situation where malicious packets are allowed to travel through the network. A variety of attacks take place this way. When firewalls are set too tightly, they prevent legitimate network traffic from being delivered.
Networks come in different structures with varying requirements. Having a selection of network firewall options helps provide the best fit for every network. Firewalls can be sorted one of two ways. One way is based on the system they protect: a host or a network. Another method of categorizing is by filtering method, the main types are as follows: Packet-filtering firewalls, Circuit-level gateway firewalls, Proxy firewalls, Next-generation firewalls (NGFWs), Threat-focused NGFWs, Virtual firewalls, and Cloud-native firewalls.
This is just the tip of the iceberg regarding firewalls, but we have to start somewhere. If you want more information no firewalls, I recommend: https://www.techtarget.com/searchsecurity/definition/firewall