/ˈfaɪər.wɔːl/

noun — "the digital gatekeeper that keeps networks safe."

A firewall is a network security device or software that monitors and controls incoming and outgoing network traffic based on predefined security rules. It protects networks, devices, and applications from unauthorized access, malware, and cyberattacks while allowing legitimate communications to pass through.

Technically, a firewall can operate at different layers, including network (packet filtering), transport (stateful inspection), and application (proxy or deep packet inspection). It enforces policies such as IP filtering, port blocking, NAT, and VPN access control, often working alongside intrusion detection/prevention systems (IDS/IPS) and quality of service (QoS) for traffic management.
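An added example, not part of the original entry: a simplified Python model contrasting stateless packet filtering with stateful inspection, using first-match rule evaluation and a default deny. The `Packet`, `Rule` and `StatefulFirewall` names, the rule set and the addresses are constructed for illustration; a real stateful firewall also tracks TCP state and flow timeouts.

```python
import ipaddress
from collections import namedtuple

# Constructed types for this example; proto defaults to TCP.
Packet = namedtuple("Packet", "src sport dst dport proto", defaults=["tcp"])
Rule = namedtuple("Rule", "action src_net dst_net dport proto", defaults=["tcp"])

def rule_matches(rule, pkt):
    """True if the packet's protocol, addresses and destination port fit the rule."""
    return (pkt.proto == rule.proto
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src_net)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst_net)
            and rule.dport in (None, pkt.dport))  # dport None means any port

def packet_filter(rules, pkt):
    """Stateless filtering: first matching rule wins, anything unmatched is denied."""
    for rule in rules:
        if rule_matches(rule, pkt):
            return rule.action
    return "deny"

class StatefulFirewall:
    """Remembers flows the rules allowed so their replies pass without extra rules."""
    def __init__(self, rules):
        self.rules = rules
        self.flows = set()

    def inspect(self, pkt):
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto)
        if reverse in self.flows:
            return "allow"  # reply belonging to an already-permitted flow
        action = packet_filter(self.rules, pkt)
        if action == "allow":
            self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto))
        return action

# Constructed policy: internal hosts may reach HTTPS anywhere except one blocked range.
RULES = [
    Rule("deny", "10.0.0.0/24", "198.51.100.0/24", None),
    Rule("allow", "10.0.0.0/24", "0.0.0.0/0", 443),
]
# Constructed sample packets (documentation address ranges).
OUTBOUND = Packet("10.0.0.5", 51000, "192.0.2.10", 443)
REPLY = Packet("192.0.2.10", 443, "10.0.0.5", 51000)
UNSOLICITED = Packet("192.0.2.10", 443, "10.0.0.7", 51000)

if __name__ == "__main__":
    fw = StatefulFirewall(RULES)
    for name, pkt in [("outbound", OUTBOUND), ("reply", REPLY), ("unsolicited", UNSOLICITED)]:
        print(f"{name:12} stateless={packet_filter(RULES, pkt):6} stateful={fw.inspect(pkt)}")
```

The stateless filter denies the reply because no rule names the external source, while the stateful firewall admits it only after seeing the matching outbound packet and still denies the unsolicited one.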

Key characteristics of firewalls include:

  • Traffic filtering: blocks or allows traffic based on rules.
  • Access control: enforces who or what can enter the network.
  • Layered security: can inspect packets from network to application layers.
  • Policy enforcement: integrates with NAT, VPNs, and QoS.
  • Monitoring and logging: tracks traffic and potential threats.

In practical workflows, firewalls are deployed at network perimeters, between VLANs, and on individual devices to prevent unauthorized access while allowing legitimate business communications to flow efficiently.

Conceptually, a firewall is like a security checkpoint: it inspects everyone and everything coming in and going out, letting only authorized traffic pass.

Intuition anchor: a firewall keeps your network secure without blocking the data you actually need.

See NAT, VPN, QoS, Router, Switch.