What is a Firewall? Everything You Need to Know

What is a firewall, exactly? Originally a centuries-old term for the walls that were built to prevent the spread of fire outbreaks in homes and storehouses, these days a firewall is what we call a security device for computer networks. A firewall protects your network from external threats that can damage or destroy your network and data, much like physical brick walls prevented fires from spreading too far in village buildings made mostly of wood and other flammable material. (Fun fact: that’s why the visual image for many of the original firewall systems was literally a brick wall!)

A modern firewall prevents unauthorized users from accessing your network and examines all messages that enter or leave your network. It can exist for either software or hardware, and ideally a small business will use both because they work in different ways to protect your network. While all types of firewalls work as a filter for information coming into your network, a software firewall protects the device or devices running the software while a hardware firewall is a separate appliance that protects the entire network from malicious intrusions. Without a firewall, anything on your system is visible and exploitable by hackers and cybercriminals.

Firewalls are programmed with security and rules to prevent unwanted or unapproved access to your network, and there are several types of firewalls that work in different ways to protect your network from the many cybersecurity threats out there. We broke down the difference between different types of firewalls in detail in this blog post, but here is a refresher with updated information on the newest types of firewalls available and what you need to look for to give your small business the best protection possible.

What is a Firewall Proxy?

This was one of the earliest types of firewalls available and it works by granting access from one network to another, allowing only specific applications to gain access to your network. Essentially, a proxy firewall acts as a doorway or a gate, only allowing specific applications through. They can further protect you by masking your IP address and performing deep-packet inspections to verify that they don’t contain malware.

Stateful Inspections/Traditional Firewall

This type of firewall works by managing traffic depending on the protocol, port, state, or traffic. They provide end-to-end monitoring based on rules set by your network administrator, and use both packet inspection technology and TCP handshake verification to give you a high level of protection. However, because of the high level of inspection technology, they can slow down systems because of the time they take to view even legitimate packets.

Unified Threat Management (UTM) Firewall

This firewall combines a stateful inspection firewall with an antivirus program to protect your network from malware and other types of attacks at the application layer. It assembles several different types of security functions, such as packet filtering, intrusion detection and prevention, proxy systems, and anti-malware protection to give your network well rounded coverage.

Next General Firewall (NGFW)

This is the most secure option for businesses that require a high volume and high level of security, such as hospitals, banks, and schools. It performs the function of standard firewall protections, such as stateful inspection. But it goes beyond that with tools such as integrated intrusion prevention, application awareness to view and block suspect apps, and technology that addresses evolving threats. It uses both Intrusion Detection and Intrusion Protections systems to defend your network. NGFWs are considered superior to older types of firewalls because they can also inspect individual packets for malicious payloads without slowing down your network. 

Threat-focused NGFW

The latest iteration of next-gen firewalls, threat-focused NGFWs provide advanced threat detection with context awareness that knows which assets are most at risk, detects suspicious activity at the endpoint, uses continuous monitoring to reduce the time between threat detection and clean up, reacts quickly to attacks with intelligent automation, and creates policies that protect your network across the entire attack continuum.

Virtual Firewall

If your small business runs on the cloud, a virtual firewall can be used to monitor network traffic in both virtual and physical networks. Also known as Firewalls-as-a-Service, these serve as a virtual barrier that protects cloud platforms, applications, and infrastructure. 

Similar to hardware and software firewalls, they control the flow of information and make intelligent decisions about information to allow into the network. A cloud-based firewall doesn’t need to be installed or configured on your own, because they function “as-a-service” and the third-party vendor takes responsibility for installation, upgrades, and day to day management.

The risks of not having a firewall

Without the added levels of protection that firewalls provide, your network is left open and accessible to anyone. Your system is vulnerable to hackers and other malicious users and you have no way of detecting incoming threats.

With your devices exposed, anyone can gain access and even control over your network and the devices linked to it. This leaves your data vulnerable to deletion, malware, spam, identity theft, ransomware, network crashes, and other forms of cyber crime that can cause you to lose data, money, clients, and maybe even your small business itself. Because businesses make up 81% ransomware infections, this isn’t a threat to take lightly.

What to look for in a firewall

Your firewall should allow safe, remote access for you and your employees. As more businesses move to full-time remote work, having the option for site-to-site and client-based VPN tunnels will protect your network when you and your employees are logging in remotely.

If you can, get a firewall that provides separate ports for different actions. These additional ports act as “disguises”, making it harder for a cybercriminal to attack your stand port and the vital services that are accessible through that port.

Newer versions of firewalls offer the option of seeing and controlling all users and applications within your network, which minimizes your system’s vulnerability to outside users.

Remember that firewalls do need to be updated and upgraded regularly. Cybercriminals work to be one step ahead of security measures, so a firewall can’t be viewed as a one-step measure to protect your small business. A good firewall system will offer regular updates to ensure that your network is protected from the newest threats.

Firewalls are also designed to handle traffic differently based on size and bandwidth, so take that into consideration when you are looking to replace or upgrade your network security. The wrong kind of firewall for your system could end up slowing down your network or not protecting you as well as it was designed to.

At Tech Masters, we can assess your small business security needs and recommend the best firewall for your system. Schedule a free consultation today!