Firewalls
What is a Firewall?

When builders started to build houses in terraces or as semi-detached, there was always the possible problem of a fire in one house moving to the next house and the rest of the terrace via the roof space. To prevent this the dividing wall between the houses is taken to the top of the roof, and is generally made of more substantial brick. This wall is called the Firewall, and cannot be tampered with in any way.


In Internet terms, an electronic Firewall is placed between the private network and the public part of the Internet. This allows users on the private network to access the public part of the Internet, but stops hostile communication from the outside getting back on to the private part of the network.
Firewalls are used to create security checkpoints where private networks meet the Internet. They provide the routing function between these two networks, inspecting all communications passing between them and either passing or dropping each communication depending on how it matches the programmed policy rules.
The firewall can be implemented in hardware on the gateway [1] router of the private network, or by a piece of software on a PC after the gateway router.
As well as these firewalls to protect private networks, firewall software has been added to the desktop PC operating system, as a desktop PC can be "hacked" from outside, via the modem, if someone is determined to get into it. These are generally called Personal Firewalls and can also be purchased as separate applications. Many users, working from home with dial-up facilities, have lost several days' worth of work through the actions of malicious intruders. Lots of hackers just connect to the Internet and use programs that scan the data for addresses, and strike when and where they can.
The firewall will filter the traffic, rejecting hostile traffic and allowing required traffic. The firewall can filter both incoming and outgoing traffic. In this way any user trying to access the Internet without permission can also be rejected. The firewall can also log unauthorised attempts both ways. The firewall can filter by address, port, protocol or attribute.
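The filtering described above can be sketched as a first-match rule table with a default of drop. This is an added example, not code from the original page: the addresses, the policy and the function names are constructed for illustration, and each packet is judged on its own (reply traffic and connection state are not modelled).

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str           # "pass" or "drop"
    direction: str        # "in" = Internet to private, "out" = private to Internet
    protocol: str         # "tcp", "udp" or "any"
    src: str              # source network (CIDR)
    dst: str              # destination network (CIDR)
    dport: Optional[int]  # destination port, None = any port

PRIVATE, ANY = "192.168.1.0/24", "0.0.0.0/0"   # constructed addressing plan

# Hypothetical policy, evaluated top to bottom; the first matching rule decides.
POLICY = [
    Rule("drop", "out", "any", "192.168.1.50/32", ANY, None),  # user without Internet permission
    Rule("pass", "out", "tcp", PRIVATE, ANY, 80),
    Rule("pass", "out", "tcp", PRIVATE, ANY, 443),
    Rule("pass", "out", "udp", PRIVATE, ANY, 53),
    Rule("pass", "in", "tcp", ANY, "192.168.1.10/32", 25),     # inbound mail to one server
]

def matches(rule, pkt):
    """True when the packet fits the rule's direction, protocol, addresses and port."""
    return (rule.direction == pkt["direction"]
            and rule.protocol in ("any", pkt["protocol"])
            and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(rule.dst)
            and rule.dport in (None, pkt["dport"]))

def filter_packet(pkt, policy=POLICY, log=None):
    """Return "pass" or "drop"; unmatched traffic is dropped, and every drop is logged."""
    action = next((r.action for r in policy if matches(r, pkt)), "drop")
    if action == "drop" and log is not None:
        log.append("DROP {direction} {protocol} {src} -> {dst}:{dport}".format(**pkt))
    return action

if __name__ == "__main__":
    log = []
    sample = [  # constructed packets
        {"direction": "out", "protocol": "tcp", "src": "192.168.1.20", "dst": "203.0.113.5", "dport": 443},
        {"direction": "out", "protocol": "tcp", "src": "192.168.1.50", "dst": "203.0.113.5", "dport": 80},
        {"direction": "in", "protocol": "tcp", "src": "198.51.100.7", "dst": "192.168.1.20", "dport": 23},
    ]
    for pkt in sample:
        print(filter_packet(pkt, log=log), pkt)
    print(*log, sep="\n")
```

Rule order matters here: the drop rule for the single host sits above the general outbound rules, otherwise the broader pass rule would match first.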
The firewall cannot protect against anyone bypassing it and using a modem to dial straight into the network. It cannot protect against employee misconduct and carelessness. Many hackers get the information to get in by casual conversation with the employees or by telephoning them on bogus pretexts. Some court cases have been lost because the hackers got their information from "Social Engineering", confidence tricksters, or by looking in the company rubbish skips for that vital piece of data to get in. These are management issues which firewalls cannot protect against.

  • More information on Firewalls and Virtual Private Networks can be obtained from the Internet by using the search engines.

[1] Gateway - The point at which the private LAN connects to the public network.