Computer firewalls get their name from physical firewalls which prevent fire spreading from one section of a building to another. Firewalls are structures which strictly control access from one side to another.
That's exactly what a computer firewall does — restricts the flow of traffic and program instructions in or out of a system.
There are two basic types of firewalls, hardware and software, though the distinction can be misleading. Hardware does nothing without the software to guide it, and software cannot exist without the hardware to hold and run it.
Hardware firewalls are normally used between networks, for example between a corporate network and the Internet. The Internet is nothing more than a large set of individual networks. Incoming traffic from the Internet is restricted to public access areas or to particular computers on the corporate network. Computers in the corporate network behind the firewall can access each other and the Internet.
Internal firewalls are also used within corporate networks, typically to keep resources restricted to certain groups.
Software firewalls — called 'personal firewalls' — are more often used in small personal computers which connect to the Internet. They're slower than hardware firewalls, which are specialized for the firewalling function, and they use resources on the individual's PC.
Firewalls help prevent unauthorized access to systems by hackers. They control both inbound and outbound traffic according to a 'policy' established when the firewall is installed, or later configured. The policy determines which programs can access the Internet and what kind of incoming or outgoing traffic is allowed.
Browsers, e-mail programs and some auto-updating programs (such as antivirus software) all require network access. A personal firewall can be set up to allow this kind of traffic while disallowing other types of traffic.
Firewalls can learn which programs are allowed access to the Internet. The first time a program tries to connect to the Internet the firewall signals an alert to the user. The user then modifies the firewall policy by (dis)allowing that particular program to access the Internet. The rule of thumb is: if you don't recognize the program, don't allow access. Most installation software will specify what firewall settings are needed to run common programs properly.
Hackers routinely scan computer networks looking for open 'ports' (numbers used by network software to distinguish traffic) through which they can gain access to your computer. Ports are individual connection points between your computer and the Internet. If a hacker can find an open port, it can potentially be used to transmit a worm carrying a payload which can give the hacker control over your computer. Firewalls can close all unused ports.
The best personal firewalls not only close ports, they hide their very existence. This means a hacker program scanning for open ports won't receive a reply to scan requests, rendering the system 'invisible'.
That doesn't mean, unfortunately, that personal firewalls are invulnerable. Unlike hardware firewalls, personal firewalls are part of the computer system — they're just another program — and are just as vulnerable to virus attacks as any other. Some viruses specifically target personal firewalls by modifying the computer system's policy file. If this happens your computer may become vulnerable to hackers even when you thought it was secure.
Nevertheless, connecting to the Internet without using a firewall is ill-advised and possibly downright dangerous. Open ports are a vulnerability that can be easily exploited by hackers. To protect your firewall's integrity, be diligent: scan incoming files for viruses with antivirus software and avoid unexpected e-mail attachments.
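The per-program learning behaviour and the policy-file tampering risk described above can be sketched in a few lines. This is an added example, not code from the original article or from any firewall product; the policy contents, program names, ports and the key are constructed, and it assumes the key is stored where other programs cannot read it.

```python
import hashlib
import hmac
import json

# Constructed sample policy; program names and ports are illustrative only.
POLICY = {
    "browser.exe": {"out": [80, 443], "in": []},
    "mail.exe": {"out": [25, 110, 143], "in": []},
    "av-update.exe": {"out": [443], "in": []},
}
# Assumption: the key lives outside the policy file, out of reach of other programs.
KEY = b"demo-key-kept-outside-the-policy-file"


def seal(policy, key=KEY):
    """Return an HMAC-SHA256 tag over a canonical encoding of the policy."""
    blob = json.dumps(policy, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, blob, hashlib.sha256).hexdigest()


def decide(policy, tag, program, direction, port, key=KEY):
    """Return 'allow', 'deny' or 'ask' for one connection attempt."""
    if not hmac.compare_digest(seal(policy, key), tag):
        return "deny"  # policy changed without being resealed: fail closed
    rule = policy.get(program)
    if rule is None:
        return "ask"  # first time this program is seen: alert the user
    return "allow" if port in rule[direction] else "deny"


def learn(policy, program, allowed, direction, port, key=KEY):
    """Record the user's answer to an alert and return the new tag."""
    rule = policy.setdefault(program, {"out": [], "in": []})
    if allowed and port not in rule[direction]:
        rule[direction].append(port)
    return seal(policy, key)


if __name__ == "__main__":
    tag = seal(POLICY)
    print(decide(POLICY, tag, "browser.exe", "out", 443))   # known program, listed port
    print(decide(POLICY, tag, "unknown.exe", "out", 6667))  # unrecognized program
    POLICY["unknown.exe"] = {"out": [], "in": [4444]}       # simulated tampering, no reseal
    print(decide(POLICY, tag, "unknown.exe", "in", 4444))   # tag no longer matches
```

A program the user has refused is stored with empty port lists, so later attempts are denied without a new alert, and any edit to the policy that bypasses `learn` makes every decision fall back to deny.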