What is a firewall?

Everyone knows it’s an essential part of your computer’s security setup but once you get past that, most people don’t really understand what a firewall is. Those who do tend to give you a very technical explanation which does you no good. If you just want to understand the concept of a firewall but don’t need to teach a PhD-level IT course, hopefully you’ll enjoy the article below.

Sort of an odd word

First of all, the term “firewall” used to mean (and still does) that metal part between a car’s cabin and its engine. It’s literally a wall where fire cannot get through. That’s the whole point. In fact, in a car nothing gets through a firewall unless you want it to, because you have to drill a hole to feed things through.

Firewalls for computers

The very same thing applies to a firewall for computers. It’s a device, either real or part of your computer’s software, that doesn’t let anything through unless you want it to. Here in the second decade of the 21st century, everyone uses security protocols. Once upon a time computers communicated freely and there was nothing to stop them. Personal computer operating systems like Windows were designed to communicate within a building, not for the internet, and the internet itself was designed as this sort of hippie commune of knowledge where there were no bad guys and everyone just helped everyone. Of course, the internet turned out to be a very different place and it turns out that most people you’re likely to run into want to harm you in some way or other.

The way it works

Computer-to-computer communication can be described as a series of doors called “ports.” In fact your computer has tens of thousands of ports, and they’re not really like doors because they’re never really locked. They’re more like driveways without gates, letting anyone in who knows how to get there. In retrospect this was not the smartest way to design an operating system and a lot of modern operating systems actually do a better job of locking down these ports. Windows, though, pretty much leaves them open unless you use a firewall (which I’ll explain in a minute) meaning that any attacker anywhere in the world could actually get to your hard drive just by knowing where in the world it is. That’s obviously pretty stupid.

A firewall stops all communication between your computer and the outside world and blocks access to all your computer’s ports except the very few that you need. Port 80, for example, is used for web site loading, so you need that one. Communication that comes through port 80 goes to your browser, so it’s pretty benign. If some other computer wants to get to any other port, your firewall stops it unless you specifically say it’s all right.

Should you use the Windows Firewall?

There is a firewall built into Windows now, and it’s pretty good. There’s usually another one built into your router’s software that’s pretty good. Unless you’re going some pretty nasty places that tends to be all you’ll need. IT professionals use something called a “firewall appliance” in their server racks. A firewall appliance is a lot more complex but gives them a lot of power. The firewall appliance sits right next to the company’s router. It not only does it block unwanted stuff it also helps route the stuff people need to their correct places. For example, it can direct one sort of traffic to the company’s e-mail server. That way,  it doesn’t float around the network. It can send web page traffic through without letting attackers get past.

Firewall appliances also handle “whitelisting” and “blacklisting” of critical data. A whitelist is a list of sites that can always be accessed even if they’re doing dodgy things. Other servers that your company owns that aren’t in the building are usually whitelisted. If you work from home, your traffic into the company’s servers is whitelisted. On the other hand, those sites that your boss doesn’t want you to go to end up on the blacklist. If your site is on a blacklist, then it will be blocked not matter what. This is one way that companies limit their liability. It’s important because for example you wouldn’t want sexually explicit images on company computers where people could sue.

Get computer accessories from Solid Signal

Solid Signal doesn’t sell firewalls. There are other software companies that offer high-end firewalls, and there are hardware appliances that major companies sell too. But, if you’re looking for the best computer accessories on the lower end, shop at Solid Signal for the best!

About the Author

Stuart Sweet
Stuart Sweet is the editor-in-chief of The Solid Signal Blog and a "master plumber" at Signal Group, LLC. He is the author of over 8,000 articles and longform tutorials including many posted here. Reach him by clicking on "Contact the Editor" at the bottom of this page.