What Is a Firewall and Why Do You Need One?

A firewall is a network security device that guards against unauthorized access and threats like malware, viruses, and hacking attempts. We look at the types of firewalls, their benefits, and why a firewall is an important part of any cybersecurity suite.
We receive compensation from the products and services mentioned in this story, but the opinions are the author's own. Compensation may impact where offers appear. We have not included all available products or offers. Learn more about how we make money and our editorial policies.

A firewall is an essential security component for protecting your network and computer system. You need a firewall for enhanced network security against cyberthreats. But what exactly is a firewall, and how does it work?

A firewall safeguards your network and prevents unauthorized users from accessing it. By monitoring and filtering incoming and outgoing traffic, it can also protect against spam, computer viruses, and remote hijacking.

Bundling antivirus software with firewall protection adds extra security protection for a fully robust and secure network. Let’s look at the different types of firewalls, the benefits of using a firewall, and why you need one as part of your cybersecurity suite.

In this article
How do firewalls work?
What firewalls can do
Hardware firewall vs. software firewall
The role of different types of firewalls
FAQs
Bottom line

How do firewalls work?

A firewall is a network security device that guards your computer or home network against unauthorized access and threats like malware, viruses, and hacking attempts. Using a set of predetermined security rules, it reviews incoming and outgoing traffic to identify and block threats and prevents them from entering the network.

Firewalls create a layer of protection between an external network and the network they're configured to protect. Using a firewall in conjunction with other security measures, such as antivirus software and good security habits, enhances network protection.

What’s the difference between antivirus and firewall protection?

Though they play different roles, antivirus software and firewalls complement each other in protecting against cybersecurity threats.

A firewall acts as a line of defense between your computer, network system, and the internet. It actively monitors and filters incoming and outgoing traffic to detect malicious traffic and prevent unauthorized access before it reaches your computer.

Antivirus software protects against threats on your device and works to prevent future infections. By scanning applications and files, it can detect, quarantine, and remove existing viruses from your computer.

Top antivirus software with firewall protection

Enjoy Norton’s 100% Virus Protection Promise
5.0
Editorial Rating
Learn More
On Norton 360 Antivirus's website
Antivirus Software
Norton 360 Antivirus
Save up to 58% your first year
  • 4 plans available, all including antivirus, malware, ransomware, and hacking protection, Cloud backup, and a secure password manager
  • Option to add VPN connection, dark web monitoring, privacy monitoring, and more
  • Compatible with Windows, Mac, Android, and iOS on up to 10 devices depending on plan

Online Protection With VPN Access and Identity Monitoring
5.0
Editorial Rating
Learn More
On McAfee's website
All-In-One
McAfee
Save $90 on a 2-year plan
  • Premium antivirus, scam, and web protection, plus a VPN, identity monitoring, and secure password manager
  • Added peace of mind with 24/7 expert online support and McAfee’s Virus Protection Pledge
  • Compatible with Windows, Mac, Android, iOS, and ChromeOS on up to 5 devices

Trusted Protection by 435 Million Users Worldwide
4.8
Editorial Rating
Learn More
On AVG's website
All-In-One
AVG
  • Award-winning antivirus, malware, and ransomware protection for up to 10 devices
  • Includes webcam protection, safe browsing and email, automatic updates, and 24/7 protection
  • Suite of protection benefits including a secure VPN, anti-tracking capabilities, safeguards against phishing sites, and more

What firewalls can do

A firewall is the first layer of defense in securing your network. It provides a number of benefits to strengthen your network security:

  • It secures incoming and outgoing traffic. Firewalls act as a barrier between internal networks and the internet. They can also be set up to prevent data leaks outside an organization.
  • It safeguards your network from phishing attacks. Firewalls review incoming traffic for malicious content and block phishing attacks.
  • It allows you to easily handle and update the security protocols from a single authorized device. Firewalls offer a single point of control, allowing you to efficiently implement and update security policies.
  • It provides a faster response time and can handle more traffic loads. Advanced firewalls can manage higher volumes of traffic without creating network latency.
  • It prevents unauthorized users from accessing a private network connected to the internet. Firewall access controls can be configured to verify the identity of users and devices and prevent unauthorized access to the network.
  • It protects against DDoS attacks, spam, backdoors, remote hijackings, viruses, and macros. Firewalls can protect networks from attacks outside the network by blocking harmful traffic. They can filter out spam emails before they hit your inbox, close backdoor vulnerabilities, block viruses from entering the network, foil remote hijacking attempts, and help prevent distributed denial-of-service (DDoS) attacks.

Hardware firewall vs. software firewall

Firewalls are either standalone physical devices or software installed on a computer or server. Most home networks have software firewalls automated and bundled into their systems. However, using both types of firewalls enhances layered security across the entire network.

Hardware firewalls are useful for protecting multiple computers connected to a network. They filter incoming and outgoing traffic at the network perimeter and can offer additional features like virtual private network (VPN) support and intrusion prevention, preventing an attack before it reaches your computer. Hardware firewalls don’t impact your computer's performance, but they may require more expertise to configure and maintain properly.

Software firewalls are commonly installed on individual computers and servers inside the network. They’re often part of operating systems and control and filter traffic on that specific device. They’re easier to install and update than a hardware firewall, but they do require installation and management on each individual device.

The role of different types of firewalls

There are several types of firewalls to choose from. They range from simple packet filtering functionality to sophisticated intrusion prevention capabilities that can scale and adapt to various types of security threats.

Types of firewalls

Each type of firewall, from packet filtering to the more advanced next-generation firewall, provides network security at varying degrees of protection.

Packet filtering firewalls

A packet filtering firewall is the most basic type of firewall. It’s like an ID check at the grocery store. These firewalls inspect packets — which are pieces of data at an internet protocol (IP) level — and either accept or reject them based on defined security rules set by you or the network administrator.

For example, if the firewall is configured to block incoming traffic from a specific IP address, the firewall will block it and protect the network from harm when a packet arrives matching that address.

Stateful inspection firewalls

A stateful firewall essentially gives a green or red light on whether to allow or block network traffic on a packet-by-packet basis. These types of firewalls track the state of inbound and outbound connections between networks, giving the firewall more information to determine whether the data should be passed through to the network or blocked.

This firewall's functionality provides more context about the data than a packet filtering firewall and offers a higher level of security.

Proxy service firewalls

Instead of focusing on network traffic, a proxy firewall acts as a middleman between the user and the internet. Proxy firewalls examine data at the application layer to filter incoming traffic between your network and the traffic content. This functionality allows for better decision making on which traffic flows through the network, providing a higher level of security.

One advantage of a proxy service firewall is its ability to hide internal network IP addresses, providing you with anonymity. However, if the firewall is undersized for the amount of traffic it receives, it may produce latency in network communication.

Next-generation firewalls

The next-generation firewall (NGFW) uses some of the same features of traditional firewalls but offers more advanced capabilities, like intrusion detection, deep packet inspection (which examines the inside of the content), and application awareness.

An intrusion prevention system is often integrated into an NGFW, giving it an enhanced capability to continuously monitor the network for threats and report, block, or drop the activity. This ability to take action on threats is a key differentiator from other firewalls.

Cloud firewall

This type of firewall has the same functionality as other firewalls, except that it's hosted in the cloud. It’s flexible and scalable for those operating in a cloud-based infrastructure.

FAQs


+

What is a firewall?

A firewall is a hardware or software network security device that monitors and filters incoming and outgoing network traffic to protect against malicious traffic and cyberattacks.


+

What does a firewall actually do?

Acting as a barrier, a firewall monitors and filters incoming and outgoing network traffic to protect your computer system and network from external attacks.


+

How does a firewall know what to block?

A firewall is configured with a set of rules that controls incoming and outgoing network access based on the source or destination IP address and other protocols.


+

How do hackers get around firewalls?

Hackers can exploit firewalls using various techniques. These techniques include IP spoofing, distributed denial-of-service (DDoS) attacks, phishing, infecting computers with malware and trojans, and exploiting zero-day vulnerabilities.

Bottom line

A firewall is a must-have in your arsenal of tools to protect and secure your network and computer. Its ability to filter, monitor, and control incoming and outgoing network traffic is critical in protecting against cyberthreats and safeguarding your data.

When you use a firewall, you can block attackers from gaining access to your network. Paired with our recommended best-in-class antivirus software, you will have established a strong security defense for your network.

Comprehensive Protection With Database Updates Every 3 Hours
4.4
Editorial Rating
Learn More
On Surfshark AntiVirus's website
Antivirus Software
Surfshark AntiVirus
Up to 80% off + 3 months free
  • Powerful app that offers 24/7 virus and malware protection that won’t hog your CPU or RAM
  • Includes webcam protection, fully customizable security, full or quick scans, and more
  • Compatible with Windows, Mac, and Android on unlimited devices

Author Details
Callander Turner is a seasoned writer with more than a decade of writing experience. Holding a B.A. in English from the College of William and Mary, she began her career in tech policy and specializes in topics such as hacking, antivirus software, and password managers.