Hot Summer Deals

Save up to 47% on select products,
plus get free shipping and easy returns.

Save up to 47% on select products.

HP TECH TAKES /...

Exploring today's technology for tomorrow's possibilities
What is a network firewall

What is a Network Firewall and How Does it Work?

Michelle Wilson
|
If you’re looking to increase the security of your network, a firewall is one of the first lines of defense you can utilize. Besides limiting access attempts to certain networks, modern firewalls have evolved to limit the ability of malicious attackers to steal sensitive information across a range of devices.
Despite being an older security technology, firewalls are as important as ever - especially as new smart devices come online during the Internet of Things (IoT) revolution. Below, we’ll dive into how firewalls function and how they can be deployed to protect your network and bolster security.

What is a firewall?

A firewall is a system built to protect private networks from unauthorized and unverified access through an internet connection. Firewalls can be either in the form of hardware or software - or a combination of the two.
So, what do they actually do? Firewalls protect your computer or a series of computers on a network from websites filled with malware or vulnerable open network ports. They help stop would-be attackers in their tracks before they can do any damage. Network firewalls can be found in businesses, homes, schools, and intranets which are private networks within an organization.
In addition, a network firewall can be configured to prevent the access of network users to outside websites. For example, parents can set parental controls on their children’s browsing habits or your workplace may block particular websites to keep you focused on the task at hand.

What are the different types of firewalls?

Packet filtering

This is the oldest kind of firewall but it has the benefit of not impacting your overall system performance. You can think of a packet-filtering firewall as a checkpoint that’s employed at a traffic router or switch.
The packet filter will assess the data packets coming through your router. Usually, this filter can evaluate the source IP address, destination IP address, packet type, source port, and the destination port.
It doesn’t inspect the actual contents of the packet, just general information on the surface level. Based on your configuration of the firewall, you can filter to allow or not allow packets from specific IP addresses or particular ports.
This type of firewall is relatively simple so it’s easy to evade if you’re a dedicated attacker. It’s best to use this type of firewall in conjunction with other stronger firewall architecture.

Circuit-level gateway

Similar to a packet filter, a circuit-level gateway has a pass/fail system for approving or disallowing traffic. They work by assessing the transmission control protocol (TCP). This assessment determines whether the packet is from a legitimate session.
What does this actually look like? On a network with a circuit-level gateway firewall set up, all packets that are leaving the network appear to have come from that gateway which disallows direct connections with the trusted network and the untrusted network.
Hackers can still get around this type of firewall if they take advantage of an established connection on this firewall and send packets with malware or other malicious content attached.

Acting as a proxy server

This is thought to be the most secure type of firewall because it doesn’t allow direct network contact. The proxy firewall has the capability to examine the entire network packet instead of surface-level details like the IP address and port number. By checking the packet information, this firewall can better verify that the packet doesn’t have any malicious content.
What does this mean, exactly? A security manager can use a proxy firewall to better manage and deal with security issues like evaluating different threats and other attacks on the network.
Why is this type of firewall used? You can set up a proxy server to block access to different websites and filter certain port traffic to protect your internal network.
One drawback of a proxy firewall is that it makes an additional connection for every packet that comes in and out, which can cause a lag in system performance and it can be the point of failure during an outside attack.

Web application firewall

An application gateway is similar to a proxy server. Here’s an example of how it works:
Client computer A creates a connection with the application gateway. Then, the application gateway decides if the contact between the devices should be approved or not. If approved, a connection is made to outside computer B.
All information goes through two connections - client computer A to application gateway and application gateway to outside computer B.
The application gateway checks all traffic before sending it on. Much like a proxy server, the application gateway IP address is the only one seen by the outside, so the internal network stays concealed.

How does a network firewall work?

A firewall is set up to constantly regulate and monitor all incoming and outgoing traffic. It differs from a simple traffic analyzer in that a network administrator or security manager can control that traffic.
Some firewalls can be configured to block pretty much everything except for people and actions you specifically allow.

How would a network firewall security work in real life?

Let’s say you work at an organization with 100 employees. If you don’t have a firewall configured, those 100 computers used by employees are vulnerable and available to anyone with an internet connection. Hackers can easily exploit employee mistakes and disrupt the network or spread malware.
Here are just a few of the ways a malicious attack on a network could occur on a network like the hypothetical company above without a firewall:
  • Remote login: Hackers can view or obtain your files running on your device.
  • Denial of service (DoS): This is a common tactic that uses brute force. A hacker sends a request to open a session with a server that can’t be found. The destination server is soon overwhelmed by these unanswerable session requests - usually resulting in a system crash.
  • Email bomb: A huge amount of emails are sent to you so your email system can’t handle any new emails.
  • Macros: Hackers create their own macro (aka a script of computer demands so an application can run) that crashes your computer.
  • Viruses: A virus is a form of malware that copies itself from one system to the next and it can be as harmless as a prank message or it can completely destroy your data.
If a company has a proper firewall setup, each device connected to the internet would have a line of defense that implements particular security rules.

Wrapping it up

Firewalls are an older security technology but they’re still incredibly important when it comes to protecting your device. Whether you use a network firewall to protect your enterprise or configure one for a smart device in your home, they’re an essential step to help prevent malicious attacks.

About the Author

Michelle Wilson is a contributing writer for HP® Tech Takes. Michelle is a content creation specialist writing for a variety of industries, including tech trends and media news.

Disclosure: Our site may get a share of revenue from the sale of the products featured on this page.

More about these products
Disclaimer

Prices, specifications, availability and terms of offers may change without notice. Price protection, price matching or price guarantees do not apply to Intra-day, Daily Deals or limited-time promotions. Quantity limits may apply to orders, including orders for discounted and promotional items. Despite our best efforts, a small number of items may contain pricing, typography, or photography errors. Correct prices and promotions are validated at the time your order is placed. These terms apply only to products sold by HP.com; reseller offers may vary. Items sold by HP.com are not for immediate resale. Orders that do not comply with HP.com terms, conditions, and limitations may be cancelled. Contract and volume customers not eligible.

HP’s MSRP is subject to discount. HP’s MSRP price is shown as either a stand-alone price or as a strike-through price with a discounted or promotional price also listed. Discounted or promotional pricing is indicated by the presence of an additional higher MSRP strike-through price

The following applies to HP systems with Intel 6th Gen and other future-generation processors on systems shipping with Windows 7, Windows 8, Windows 8.1 or Windows 10 Pro systems downgraded to Windows 7 Professional, Windows 8 Pro, or Windows 8.1: This version of Windows running with the processor or chipsets used in this system has limited support from Microsoft. For more information about Microsoft’s support, please see Microsoft’s Support Lifecycle FAQ at https://support.microsoft.com/lifecycle

Ultrabook, Celeron, Celeron Inside, Core Inside, Intel, Intel Logo, Intel Atom, Intel Atom Inside, Intel Core, Intel Inside, Intel Inside Logo, Intel vPro, Itanium, Itanium Inside, Pentium, Pentium Inside, vPro Inside, Xeon, Xeon Phi, Xeon Inside, and Intel Optane are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or other countries.

In-home warranty is available only on select customizable HP desktop PCs. Need for in-home service is determined by HP support representative. Customer may be required to run system self-test programs or correct reported faults by following advice given over phone. On-site services provided only if issue can't be corrected remotely. Service not available holidays and weekends.

HP will transfer your name and address information, IP address, products ordered and associated costs and other personal information related to processing your application to Bill Me Later®. Bill Me Later will use that data under its privacy policy.

Microsoft Windows 10: Not all features are available in all editions or versions of Windows 10. Systems may require upgraded and/or separately purchased hardware, drivers, software or BIOS update to take full advantage of Windows 10 functionality. Windows 10 is automatically updated, which is always enabled. ISP fees may apply and additional requirements may apply over time for updates. See http://www.microsoft.com.

HP Rewards qualifying and eligible products/purchases are defined as those from the following categories: Printers, Business PCs (Elite, Pro and Workstation brands), select Business Accessories and select Ink, Toner & Paper.