Firewall

A fi rewall prevents unauthorized access to a computer or a network.

As the name suggests, a fi rewall acts as a barrier between networks or parts of a network, blocking malicious traffi c or preventing hacking attempts.

A network fi rewall is installed on the boundary between two networks. Usually this is between the internet and a company network. It can be a piece of hardware, or software running on a computer that acts as a gateway to the company network.

A client fi rewall is software that runs on an end user’s computer, protecting only that computer.

In either case, the fi rewall inspects all traffi c, both inbound and outbound, to see if it meets certain criteria. If it does, it is allowed; if not, the fi rewall blocks it. Firewalls can fi lter traffi c on the basis of

• the source and destination addresses and port numbers (address fi ltering)

• the type of network traffi c, e.g. HTTP or FTP (protocol fi ltering)

• the attributes or state of the packets of information sent.

A client fi rewall can also warn the user each time a program attempts to make a connection, and ask whether the connection should be allowed or blocked. It can gradually learn from the user’s responses, so that it knows which types of traffi c the user allows.

Sophos.com