Gert Janzen
Gert Janzen Security Consultant

A firewall is the gatekeeper between your network and the World Wide Web, it is at the entry and exit point of your network.

It assess network traffic and allows only certain traffic to come in and go out. The firewall analyses network packet headers, which contain information about the traffic wanting to enter or exit your network Then, based on policies and rule sets configured on the firewall, it either blocks the traffic or lets it through.

A security gate for the network

A firewall is the gatekeeper that controls all traffic entering and leaving your network, based on policies and rule sets that have been configured on it.

In essence, it’s the buffer between your network and the World Wide Web, in the same way a security gate with radio-frequency identification (RFID) is a buffer between your office building and the outside world.

With RFID technology, information like the person’s name and designation (employee or visitor; security or admin) is stored in a device like an access card or a tag. Only people with the right tag can open the gate and access your building. And only authorised people, like security employees, will be able to access certain parts of the building, like the security control room.

The same goes for your internet connection, only instead of people, you’re dealing with network packets.

How does a Firewall work?

The firewall analyses the packet headers of incoming and outgoing network traffic. These headers contain instructions and information about the packet, like what it is (email, video), where it’s coming from and where it’s headed to. This information is compared to the policies and rules set up for the firewall to determine whether that traffic should be allowed to go any further.

A firewall restricts access to the network. In the image below, blue traffic, or packets, move from the user through the internet. They then reach the firewall. Authorised packets will be allowed (green) and unauthorised packets (red) will be blocked.

The next-generation firewall

As the threat landscape grows and becomes more advanced, the functions of the firewall continue to evolve and adapt. We now have what’s called the next-generation firewall, which does more than block and allow traffic based on a predefined rule set.

Its advanced functionality allows it to intelligently identify potential threats based on signatures and heuristics, and block the potential threat automatically. Examples of this functionality include intrusion prevention systems, application control, anti-virus and Web filtering.

For maximum efficacy, we always recommend that a firewall is supplemented by next generation firewalling services.

Securing more than the network

When is comes to cybersecurity, a firewall is considered your first line of defence. A multi layered approach to security is always recommended and is the best approach to securing your network and protecting your data from a breach. Businesses need to secure against critical attack vectors such as; perimeter, mail, Web, end points, servers, WiFi, and social engineering and insider threats, to establish a strong security posture.

A risk of breach will always exist if an attacker has enough time, motivation and resources, having a cyber resilience strategy is critical for all businesses in the digital era. We believe in a cyber resilence framework which is to identify, protect, detect, respond, and recover against an attack.

New Call-to-action

Read more blogs below