A firewall, much like a firewall that protects a building from a fire getting through, protects your network from unwanted access by letting a program monitor traffic in accordance with predetermined rules and forward only rules-compliant data. This program can be installed directly on your computer or, as an external firewall, on a separate device, such as your router.
What does the term “firewall” mean in detail?
In computer networks, information traffic runs through the so-called ports. Of these, there are over 65,000 in total - the most common functions are fixed ports. For example, port 587 is intended for incoming emails from authenticated senders, and port 443 for calling a secure website. These ports can only be used by the program assigned to them. Your firewall monitors this traffic. It checks, among other things, status, port, protocol and server address. If, for example, an unauthorized protocol is used, the firewall will block the traffic.
What about the ports that are not permanently assigned? These can be used flexibly. In the context of such use, the port is opened for data traffic and ideally closed again. Ports that remain open after the end of the data exchange pose a security risk. For hackers, these are comparable to an open door. That's why your firewall checks your system for open ports that are currently not needed and closes them.
Because of their success, firewalls are widely used today. Most routers have one and smartphones, too. For corporate networks, there are even specialized devices on which very complex firewall programs are installed. These often do much more than what is explained here. For example, you can also check the contents of the transmitted data (Deep Packet Inspection).
Where do I encounter firewalls in my daily work?
At best, you will not notice your firewall in everyday work. You will receive all the data you request as it complies with the firewall rules. What you do not notice is the following scenario: As you work, a server on the Internet sends data to a port on your network. However, there is a firewall rule for the address from this server: data from this server should not be accepted. Your firewall adheres to this rule and rejects this data. Unaffected by this potential attack, you continue to work until the end of the workday.
What can I do to improve my safety?
On the Router
Most often, you will come into contact with the topic of firewalls in relation to your router. Do not open connections on your router firewall or allow direct connections from the Internet to be forwarded to your computer, unless you have a very good reason and are aware of the risks (this is often the recommended solution to make certain online games work, but not good for a company).
Watch for updates
If you maintain your own IT, pay close attention to updates - even on your home computers. For example, make sure the list of untrusted server addresses is current.
Show interest and learn more
Ask Perseus or your IT representative which firewalls are on your network and what they are doing. If you want to know how powerful your firewall is, have it tested by a company like Perseus.
Special features of Windows
If you have Windows, it comes with a firewall that is enabled by default. Leave it activated.
Special features of Mac
If you are using a Mac, it comes with a firewall that is disabled by default, turn it on in system security settings.
Special features of third party providers
If you're using a third-party firewall that comes with your antivirus program, make sure it's up- to-date.
Warnings from the firewall
In all cases, if you see firewall warnings about programs trying to connect to the Internet that you know nothing about, do not allow them to connect.
Make firewalls stricter
You can also ask to make the firewall stricter by adjusting the rules. For sensitive areas of your company, this approach is particularly recommended. Many firewalls operate on the principle that "everything that is not forbidden is allowed," making them virtually unnoticeable in everyday working life. The more your firewall is based on the opposite principle - "everything that is not allowed is forbidden" - the more secure it is. However, it is much more noticeable in the daily work routine through inquiries and possibly blocked data.