What Does a Firewall Do? | Fortinet
Skip to content Skip to navigation Skip to footer
What a Firewall Does
What a Firewall Does Not Do
Firewall Needs
Firewall Networking Usage
How Fortinet Can Help
FAQs

Firewall Definition

firewall is a security system designed to prevent unauthorized access into or out of a computer network. Firewalls are often used to make sure internet users without access are not able to interface with private networks, or intranets, connected to the internet.

A firewall is positioned between a network or a computer and a different network, like the internet. It controls the network traffic coming in and going out of the computer or network. If you do not have a firewall, virtually any data can exit your computer or network, and virtually any individual or program can come in.

What Does a Firewall Do?

Firewalls protect your computer or network from unwanted traffic coming in or going out. Firewalls can also inspect and authenticate all data packets in network traffic before they are allowed to move to a more secure environment.

Whether a hardware appliance or a software program that is protecting a corporate network or a personal computer, a firewall is essential to network security. For example, depending on where a firewall is installed, it may guard against insider threats in a network segment or act as a barrier against external threats at the network perimeter. 

As your organization’s first line of defense, a firewall monitors and filters all network traffic including outgoing traffic, application-layer traffic, online transactions, communications, and connectivity. It blocks  incoming threats based on a set of pre-programmed rules that also may dictate which users can access specific network areas. 

What does a firewall do? It protects your network from unauthorized access to mitigate the risk from cyber attacks.

What Does a Firewall Not Do?

Having a firewall does not necessarily protect you from all threats. There are several risks that can still impact your network. Malware is one of the most prevalent. Malware includes ransomware, viruses, worms, spyware, adware, pharming, phishing, and Trojan horses, each of which can be used to infect and control aspects of your computer. 

A firewall cannot always protect you from these threats because they often infiltrate your system through an email. Clicking a link inside the email causes the malicious software to be installed on your computer, thereby infecting it and possibly spreading to the rest of your network. Worms, Trojans, and viruses can all spread inside your network, infecting various computers. 

Trojans may come in the form of an application that appears to be harmless, but when you click on it, your system gets infected. A worm replicates on its own, spreading to other areas of your system, potentially inflicting significant damage. Similarly, a virus targets specific areas of your computer, resulting in crashes, insufficient memory, deleted files and programs, and more. If you have a firewall positioned before your wide-area network (WAN) but a computer that has accessed your WAN has one of these threats, you can be exposed.

Firewalls also cannot prevent unauthorized access to your computer. If your computer has a password, it is important to make sure you keep it private. A better defense is to use a hardware authentication device like a token. A user would need to have the token to get into your computer. If a malicious user gains access, they can abuse your device in any way they see fit. 

If a firewall is placed between where your computer connects to the network and the rest of the network, the attacker may not be able to use your computer to infect others on the network. In this way, a firewall can be used to segment the network. However, keep in mind that all devices within your segment can be attacked if an unauthorized user gains access.

A firewall also does not protect devices from physical theft or data leakage. For example, a hacker may be able to connect a universal serial bus (USB) device to your computer to track your keystrokes as you log in. A firewall cannot protect you from this kind of intrusion. Also, if your computer is stolen, a firewall will not be able to block a user from gaining access. You will have to rely on login credentials or multi-factor authentication (MFA).

 

Why Do You Need a Firewall?

There are many reasons why you need a firewall but in general, without firewalls, computers and devices in your network are easy targets for cyber attacks.

Firewalls protect your network from unauthorized access by hackers who use a variety of tools to gain entry such as viruses, backdoors, denial-of-service (DoS) attacks, macros, remote logins, phishing emails, social engineering, and spam. You not only need a firewall to block unauthorized access to your network, but also to block your users from visiting inappropriate websites and downloading malware.

You also need a firewall to identify the signatures of dangerous users, known bad actors, and risky applications especially when securing a vulnerable, private network. A firewall can block outflowing data when it notices a social engineering attack to mitigate the damage. When you need to block specific content in application-layer attacks, such as malware, use your firewall. You need a firewall to help you detect and deter rogue activity throughout your network.

Firewalls can also manage network resources so you can control how much network bandwidth is available for specific data types. In addition, you might need a firewall to provide virtual private network (VPN) services that use data encryption to secure communications across the public internet. 

By securing the border between your network and the internet, or between segments of your network and the rest of your environment, firewalls provide essential protection from internal and external threats.

Firewall Uses in Networking

The primary use of a firewall in networking is to secure the network from cyberattacks. For example, a firewall prevents malicious and unwanted content from entering your environment.  As well, a firewall protects vulnerable systems and private data in the network from unauthorized access–such as hackers or insiders. Protecting your business transitions, operational, and confidential data from ransomware attacks and leaks is a critical use of a firewall.

In educational institutions, for example, network firewalls can be used to limit access to specific websites and content deemed inappropriate or unsafe for a particular organization’s users–such as K - 12 and higher. And in business, a firewall can keep users from being distracted by online advertising, gaming, fraudulent websites that host malware, or certain social media platforms when using the company’s network. 

Protecting the seamless operations of a distributed enterprise is a critical use of firewalls in networking.  With a remote and often global workforce accessing corporate networks, applications, and data–in multiple data centers around the world–firewalls are imperative to ensure security across all systems.

Firewalls also safeguard supply chain networks to ensure confidentiality and coordination of goods, services, pricing, and production to secure the value for manufacturer, distributor, seller, and consumer. Whether a firewall takes the form of hardware, software, or web application in the cloud–the use of a firewall is essential to secure networking.

How Fortinet Can Help

FortiGate Next Generation Firewalls (NGFW) seamlessly integrates advanced networking and robust security providing industry-leading threat protection and decryption with a custom ASIC architecture for superior performance and energy efficiency at scale. Powered by FortiOS ensuring consistent security across networks, streamlining operations, and convergence of networking and security across WLAN, LAN, SASE, and NGFW eliminating the need for multiple products with integrated SD-WAN and Universal ZTNA into FortiGates. Customers are safeguarded against the latest threats with AI-enhanced protection from FortiGuard Security Services and FortiManager for centralized and unified policy management of Hybrid Mesh Firewalls. FortiGates are the foundation of the Fortinet Security Fabric ensuring consistent security, converging networking and security to rapidly respond to threats, and ensuring a secure, responsive network environment. This comprehensive platform approach, covering everything across diverse networks, endpoints, and clouds, provides a tailored, efficient cybersecurity solution.

how fortinet can help with firewalls
Click to See Larger Image

FAQs

What does a firewall do?

Basically, a firewall is a cybersecurity solution that protects your computer or network from unwanted traffic coming in or going out. It inspects and authenticates all data packets in network traffic before they are allowed to move to a more secure environment.

What is the purpose of a firewall in a computer network?

By securing the border between your network and the internet, or between segments of your network and the rest of your environment, firewalls provide essential protection from internal and external threats. Firewalls do this by filtering data in network traffic to protect the network from a wide variety of malicious attacks and malware. Without firewalls to block cyber threats and prevent unauthorized access, computers and devices in your network are susceptible to attack.

How does a firewall protect a network?

Firewalls block incoming threats based on a set of pre-programmed rules that also can dictate which users can access specific network areas. As part of your first line of defense against cyberattacks, firewalls offer essential monitoring and filtering of all network traffic to ensure only safe content passes to your secure environment. This includes outgoing traffic, application-layer traffic, online transactions, communications and connectivity, and dynamic workflows.

Firewall Resources

Quick Links