What is a firewall?

A firewall („fire wall“) is a tool to control the transfer of data over a network and restrict it to what is allowed. Of particular interest is the data transfer between your local network and the public internet, because unauthorized access from outside and unauthorized transmission from the inside have to be stopped to protect your private data.

Basically, it controls which program may use which port to transmit data. A computer connected to the Internet uses connections at ports 80 and 443 (they „are opened“) because they are the ports for HTTP (1.0/1.1) and HTTPS (secure HTTP). If you want to download your email via POP3, you need to open port 110 (POP3), and port 25 (SMTP) to send mail, and so on.

Many tools and applications are thus associated with ports. Programs that do not, for example, exchange mail should in principle have no access to these ports, and blocking that access reduces the likelihood of abuse.

One can roughly distinguish two types of firewalls:

Software-based firewalls

Software-based firewalls run on the same computer that accepts the connections and monitor it. These so-called personal firewalls are characterized by ease of use and low price. Many are free.

Many are rule-driven, which means they decide based on rules you define. In other words, the firewall learns what you allow and what you disallow. This works quite simply: each connection attempt is checked to see whether it is allowed or not.

  • If allowed, the connection is created.
  • If prohibited, the connection is blocked and no transmission can occur.
  • Otherwise, that is, if there is no rule yet, you are asked what shall happen to the connection: may it be allowed or not? In general, this decision can also be made „forever“. In that case a new rule is created, and the decision can be derived the next time without asking again.
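
The three cases above can be sketched in a few lines of Python. This is an added example, not code from the original post or from any firewall product; the program names, the rule key (program, port) and the `demo_prompt` stand-in for the user are assumptions made for illustration, as is the choice to block when the prompt returns an invalid answer.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, Tuple

ALLOW, BLOCK = "allow", "block"

# Assumption: a rule is keyed on (program, port), following the article's
# "which program may use which port" description.
RuleKey = Tuple[str, int]
# The prompt returns (verdict, remember); remember=True means "forever".
Prompt = Callable[[str, int], Tuple[str, bool]]


@dataclass
class PersonalFirewall:
    ask_user: Prompt
    rules: Dict[RuleKey, str] = field(default_factory=dict)
    prompts_shown: int = 0

    def check(self, program: str, port: int) -> str:
        """Return ALLOW or BLOCK for one connection attempt."""
        key = (program, port)
        if key in self.rules:               # cases 1 and 2: a rule exists
            return self.rules[key]
        self.prompts_shown += 1             # case 3: no rule yet, ask
        verdict, remember = self.ask_user(program, port)
        if verdict not in (ALLOW, BLOCK):   # fail closed on a bad answer
            verdict, remember = BLOCK, False
        if remember:                        # "forever" becomes a new rule
            self.rules[key] = verdict
        return verdict


def demo_prompt(program: str, port: int) -> Tuple[str, bool]:
    """Constructed stand-in for the user: permanently allow the mail
    client on the mail ports, block anything else for this attempt only."""
    if program == "mailclient" and port in (25, 110):
        return ALLOW, True
    return BLOCK, False


def run_demo():
    fw = PersonalFirewall(demo_prompt, {("browser", 80): ALLOW,
                                        ("browser", 443): ALLOW})
    attempts = [("browser", 443), ("mailclient", 110), ("mailclient", 110),
                ("editor", 25), ("editor", 25)]   # constructed sample
    return fw, [fw.check(p, port) for p, port in attempts]


if __name__ == "__main__":
    fw, verdicts = run_demo()
    print(verdicts, fw.prompts_shown, fw.rules)
```

A „forever“ answer is stored and never questioned again, while a one-time answer triggers a new prompt on the next attempt, so the stored rule table is the thing to review when checking what has been granted.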

Personal firewalls are typically equipped with a convenient interface, which makes defining new rules or modifying existing ones easy.

Software-based firewalls have the disadvantage of running on the same machine that also hosts the browser, private data, etc. If the firewall is broken, the computer and its data are relatively unprotected. Even the best firewall is of no use if the user accidentally grants a Trojan access to the network.

Hardware-based firewalls

Unlike the software-based personal firewalls, hardware-based firewalls are separate devices. Of course, they also run software, but it is specialized software on specialized hardware, not a standard operating system.

Configuration can be cumbersome and expensive, but for that reason it should not allow rights to be granted accidentally, which would void the protection efforts. Hardware firewalls are considered difficult to overcome, and therefore considered safe.

Nowadays many routers are equipped with a firewall by default.

Recommendations
