The internet is all about connectivity.

Computer viruses have been around for a long time.

That's not the case in the modern world though.

Viruses and malware aren't the only nasty things out there either.

You might be tempted to just disconnect your box from the internet to keep it secure.

To manage the balance between access and security, you have the firewall.

What Is a Firewall?

The basic concept is built around an access control list.

Some things are allowed, some things are explicitly blocked and everything else is blocked by default.

Of course, you’ve got the option to allow the communication if there is no legitimate reason.

Or the reason no longer applies.

Similarly, if you're getting network traffic you don't want, you could just block it.

It can be worth considering why it was allowed before doing so.

As blocking access may break legitimate functions.
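The access control list described above can be sketched as a first-match rule table with a default deny. This is an added example, not code from the article; the `Rule` fields, the sample rules and the documentation-range addresses are constructed for illustration, and only IPv4 destinations are handled.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "block"
    network: str          # destination network in CIDR form
    port: Optional[int]   # destination port; None matches any port
    reason: str           # why the rule exists, so it can be reviewed before changing it

# Constructed sample ACL: explicit blocks first, then the explicit allows.
ACL = [
    Rule("block", "203.0.113.0/24", None, "unwanted traffic to this range"),
    Rule("allow", "0.0.0.0/0", 443, "HTTPS browsing"),
    Rule("allow", "198.51.100.10/32", 22, "SSH to the admin host"),
]

def evaluate(acl, dst_ip, dst_port):
    """Return (action, reason) of the first matching rule, else default deny."""
    addr = ipaddress.ip_address(dst_ip)
    for rule in acl:
        if addr in ipaddress.ip_network(rule.network) and rule.port in (None, dst_port):
            return rule.action, rule.reason
    return "block", "default deny: no rule matched"

def shadowed(acl):
    """Return rules that can never match because an earlier rule already covers them."""
    dead = []
    for i, later in enumerate(acl):
        later_net = ipaddress.ip_network(later.network)
        for earlier in acl[:i]:
            earlier_net = ipaddress.ip_network(earlier.network)
            if (later_net.version == earlier_net.version
                    and later_net.subnet_of(earlier_net)
                    and earlier.port in (None, later.port)):
                dead.append(later)
                break
    return dead

if __name__ == "__main__":
    for ip, port in [("203.0.113.5", 443), ("192.0.2.7", 443), ("192.0.2.7", 25)]:
        print(ip, port, evaluate(ACL, ip, port))
```

Because the first match wins, a block rule added after a broader allow rule has no effect; `shadowed` reports such rules so they can be moved or removed.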

There are two main types of firewalls.

The network firewall and the personal firewall sit at different points on a network diagram.

They offer different benefits and drawbacks.

Or potentially your Wide Area Network (WAN).

It will always be placed between devices and the actual internet connection.

It will generally be located as close to the internet connection as possible.

In a network topology sense, not necessarily in physical proximity.

A network firewall is typically physical server-type equipment.

It may be a standalone unit or be integrated into another networking unit such as a router.

They are usually deployed in enterprise-grade networks and are significantly less common in home networks.

All home routers implement NAT and PAT.

So you could think of that as a network firewall.

Its position on the network gives it excellent insight across all traffic on the network.

Still, many connections are encrypted between end-user devices and web servers.

It doesn't always have a great view into the actual content of the network traffic.

Network firewalls are great at providing protection for devices that can't run firewalls of their own.

They're also good at offering centralised protection of a large number of devices.

Unfortunately, they're often slow to be updated if there's a rule that needs changing.

Personal Firewall

A personal firewall is a software firewall that is installed on your device.

It can monitor communications and be configured to manage the access of individual applications.

Personal firewalls also come with your device.

This isn't especially important for desktop computers.

Still, laptops and mobile devices may connect to many networks each with different risk profiles.

Personal firewalls are a lot easier to update to grant or deny access to something.

Personal firewalls only cover one device but can protect it wherever it is.

A significant risk is that if a virus does get through.

Web Application Firewall

Web applications are also under a constant barrage of attacks by hackers.

Tip: Defence-in-depth is a security concept with multiple layers of security features.

The idea is that if one defence mechanism fails or is bypassed, there are still other defences.

A WAF operates slightly differently from other firewalls.

Because it's in the system, it can see and analyse the decrypted traffic.

This allows it to analyse the content of the actual messages sent.

If any request is identified as being potentially malicious it can be blocked.

A typical example of the type of thing that might be blocked is a request that contains JavaScript.

It is usually also prudent to lock down the outgoing requests if they're not necessary as a defence-in-depth measure.

Note: Firewall terminology often refers to blocklists and allowlists.