The benefits of firewalls are something that has been tried and tested for decades now and when it comes to your online security, nothing is quite as good a barrier as the legendary firewall. Indeed, everyone understands that firewalls are essential for your protection while online.
However, what exactly are firewalls? What do they do? How exactly do they protect us online? Well, these are the three points worth harboring some awareness about to improve your cybersecurity knowledge and ultimately avoid any security headaches down the road. Cyberattacks cost hundreds of billions of dollars worth of damage each year, and a firewall is one of the essential cybersecurity tools that filter out a large portion of dangerous transmissions and data packets.
What is a Firewall?
When your computer is connected to the internet, it sends outgoing bits of information while receiving incoming bits of information (also referred to as traffic.) Think of it as an information highway. Your web browser and the software on your computer or device constantly communicate with web pages, services, and more in the background unknown to you. This back and forth exchange of information is fundamental for the functioning of your computer and for you to access the internet properly. A firewall is a security paradigm that comes in and regulates what comes in and out of your internet connection, in order to protect you from several things such as cyber-attacks. A firewall protects your computer and your network from possibly malicious and unnecessary traffic too. Firewalls are configurable, and every major operating system (Windows, Apple) comes with a firewall activated by default. Firewalls also come in two flavors; hardware and software versions. A hardware firewall and software firewall is similar, only in that hardware firewalls usually come in things like your router and can protect all the computers attached to it. A software firewall needs to be installed on each machine, but functions with the same basic concepts like packet filtering. Finally, there are also proxy service firewalls, stateful inspection firewalls, and multilayer firewalls. Multilayer firewalls use ‘dynamic packet filtering’ which analyzes data in real-time and is a far more advanced process than a regular passive firewall.
What Does a Firewall do Exactly?
A firewall is just that, a wall or defense. More specifically, a firewall listens to both incoming and outgoing traffic packets on service ports that run through communication protocols TCP and UDP. Both TCP and UDP are connection protocols, but they differ from each other. A TCP (Transmission Control) protocol is what is called a connection-oriented protocol, whereas UDP or User Datagram Protocol is faster and does not contain error-checking. Another form of a data packet that your firewall will listen to is ICMP. Oftentimes, large organizations will run multiple firewalls for even tougher security.
How Does a Firewall Protect You Online?
A firewall examines ‘packets’ of data with packet filters and then compares this against a common database for any malicious data matches. It allows safe data to go through but blocks anything that does not meet the criteria. Firewalls protect from the following issues;
- Backdoors (a backdoor path that hackers use to get into your system by exploiting bugs or vulnerabilities in your system or software)
- Dos (Denial-of-Service) attacks (brute force attacks)
- Viruses (firewalls detect common virus pathways)
- Spam (a firewall can help block any malicious email connections)
- Macros (scripts that can lead to a malicious attack that a firewall can block)
- Remote logins (protection from giving away complete access to your system)
A firewall determines whether a packet of data should be denied, dropped, or accepted based on the firewall policy. These policies are determined by what is called a ‘firewall administrator’ in organizations and are something that you can also customize in the firewall of your computer. You can write your own firewall rules, where you can filter specific ports or even IP addresses in any way you want. Firewalls usually come with ‘default’ settings which are a basic setup that is safe to use for everyone, but if you need to restrict or block certain apps/software or ports then you need to customize your firewall in your security settings.
In conclusion, here is a very important point. A firewall alone is not enough of a cybersecurity measure to protect you from all of the different cyber-incident scenarios. An example of this would be user error. A firewall cannot protect your system if you decide to download a file laced with malware or if you bypass the firewall for certain purposes. What needs to be done then? Well, the optimal solution is to use a firewall together with other cybersecurity tools. This comprises a Virtual Private Network, antivirus software, and finally always applying logical, good cybersecurity best practices whenever you are connected to the internet.