An integral part of a secure network is the Firewall. But why? What is it? Does everyone need one?

Most people know that a Firewall is what hackers “hack through” in films and television, but beyond that it’s a mysterious black box that works its magic invisibly.

The Bouncer

The most common form of firewall is what you might compare to a bouncer at an elite club or restaurant. There is a list of acceptable customers (network traffic) that the bouncer will accept through the door. All others he turns away. This list can be very specific about which individuals it allows in (as identified by an IP address), or it can be more general and simply state the types of people allowed in (as identified by protocols such as those used by the web, email, etc). This type of firewall is readily available in virtually all consumer network equipment and operating systems.

The “Bouncer” firewall prevents unauthorized access to the network. Or more importantly, the information it contains.

The Warden

The other aspect of a firewall keeps information from getting out. The “Warden” aspect has a similar list to the Bouncer, but he’s facing inward. This type of firewall is usually only found in commercial-grade network devices and software.

Forgetting the Warden metaphor for a moment, this can be used to compartmentalize networks and network traffic, and even prevent the spread of viruses. More commonly it is used to restrict the types of traffic permitted on a given network, for example streaming video, audio, or torrents which can quickly accumulate to become resource hogs in networks of all sizes. Technically speaking, this is the more traditional definition of “firewall” since the original term came from the practice of placing a partition made of fireproof material to prevent the spread of fire from one part of a structure to another, such as on a plane or ship (especially around the engine compartment).

Do I Need a Firewall?

This is a simple question with a not-so-simple answer: sometimes. Most devices have at least a rudimentary firewall built into them. The capabilities and behaviour of those firewalls will vary from platform to platform: Windows, Mac, Android, Linux, and a long list of variations therein have a type of firewall.

Whether or not you need one depends on the environment. If you have a router at home, this device acts as a firewall between you and the outside world. In this case it is not imperative to use a firewall on your computer. However it doesn’t hurt anything by running one.

If you happen to have multiple computers at home, again you likely have a router which offers some protection from the outside world via a firewall. But in this case if you want to share information between computers, a firewall may prevent this communication, so you may consider disabling it when at home. However this second computer may belong to someone who you don’t want snooping around your computer, in which case you may want to leave the firewall enabled.

The same principle applies to a public space: a coffee shop, an airport, or a public hotspot are places that you have no control over. Even though most public wireless are configured in a way that isolate devices from each other, it’s still safer to have a firewall enabled.

In a business environment, there will almost certainly be a firewall in place (or at least there should be) between the office and the internet (same as at home: the router). Whether another firewall is configured and maintained on individual servers or computers is largely up to the requirements of the host business.

Did you like this explanation of a firewall? Is there another technology you’d like explained? Please leave a comment below.