You already know that your computer needs protection, and you’re likely doing what you can to keep it safe (we hope). But in addition to your computer, online servers also need protecting. Otherwise, they’re especially vulnerable to an attack. How are hackers and malicious traffic kept at bay whether you’re protecting a computer, network or server? With firewalls.
In its simplest terms, a firewall is like a virtual bouncer. It provides protection between the computer and…well, everything else. Let’s start with a little internet 101. Whenever you use your computer to visit a website, you’re connecting to another type of computer: a web server. And since servers are, essentially, computers, they’re vulnerable to the same types of attacks that your personal computer is.
You wouldn’t connect to another device – like a stranger’s computer or iPhone – without some sort of protection in between, right? If you did, you’d worry that they could steal your information or somehow attack your device. The same goes for connecting to a web server. And from the web server’s point of view, it needs protection between itself and the thousands of connections it makes with computers every day.
What is a Firewall?
To revisit, it’s a device used for network security. It monitors network traffic – both incoming and outgoing – to either allow or block data packets based on its security rules.
Its purpose is to create a barrier between your internal network and traffic that flows in from external sources – like the rest of the internet. This blocks hackers, viruses and other malicious traffic.
There are pre-set rules to analyze and filter traffic, rerouting data that comes from suspicious or unsecured sources in order to prevent attacks on your network.
Firewalls protect your website against the following:
- Brute Force Attacks: Hackers who try hundreds of username and password combos to discover your login credentials.
- DDoS Attacks: An attack that sends thousands (or even millions) of fake packets to cause server overload and take your site down.
- Intrusions: Unauthorized users who try to access your computer or server.
- Malware: Attackers who want to infect your device or server with malware, which can steal your personal information, harm your computer and even spread to other devices.
Ports and IP Addresses
A firewall will act as a data guard at your computer’s entry point, called the port. This is where data flows between external and internal devices – and it’s a vulnerable spot for your network.
An Internet Protocol (IP) address is a unique address given to a device or network. For our purposes, the IP address is what houses the ports – your network ports sort of live within the IP address. Only certain source addresses can get through the IP address in the first place. After that, the firewall provides more filters so that only certain traffic sources can access those ports. You, the owner of your network, can access any port; a visitor can only access some of them – or none of them if the firewall prevents it.
Types of Firewalls
There are several types of firewalls, and the one you use will depend on your specific needs (single device vs. network or server protection).
Software vs. Hardware
All firewalls fall into one of two main categories: software or hardware firewalls. It’s best to have both for the utmost protection, but some people may have one or the other. Either way, both types of firewalls provide a barrier between your computer and the rest of the internet.
- Software: This type of firewall is a program that’s installed on your computer. It will regulate traffic through applications and ports to do things like monitor and manage users, generate logs and block applications.
- Hardware: This physical type of firewall is actual equipment that’s located between the gateway and your network. Your router is a type of hardware firewall, though there are more dedicated devices for larger-scale purposes.
What You Should Know About Hardware Firewalls
Hardware firewalls are tricky to set up for some people, especially if you have just one computer to protect or you run a small business but don’t have an experienced IT department. Hardware firewalls can cause performance issues, particularly when used along with a software firewall. They also don’t provide the well-rounded protection that a lot of personal computer owners need, like application-blocking.
However, for people and businesses that need to protect a whole network of computers, a hardware firewall is much more necessary. It’s difficult to find software with that level of protection. Also, hackers can easily disable a software firewall if they find a way to break through it, but tampering with a physical device is a lot more difficult.
Let’s get more into the different types of firewalls.
A packet includes the data that flows between your computer and a server. When you send an email, upload a file or click a link, a packet goes from your computer to the server; when you head to a website and load a web page, the server sends a packet to your computer.
Packet-filtering firewalls examine packets (namely the designation and source IP addresses), and if they don’t coincide with the pre-set rules, block them from getting through. So if you’re trying to access a website that’s had reports of being malicious, your computer won’t load it in order to keep you safe.
While this is a very common type of firewall, it’s not the most effective, especially when compared to next-generation firewalls (which we’ll talk about next). Protection is limited because the firewall doesn’t scan the contents of a request, just the request itself, which means it could very possibly let through a malicious request from a source it trusts.
If you’re currently using a packet-filtering firewall, at least use another, more advanced type of firewall along with it. However, you probably won’t need to do this if you’re using a more modern firewall because it should have this type of protection included.
Next-generation firewalls, or NGFWs, are much better equipped to protect your device and network. These firewalls provide the following:
- Application monitoring
- Deep packet inspection
- Encrypted traffic inspection
- Intrusion prevention
This means that the data of the request, not just the request itself, is examined to ensure nothing malicious is trying to get through.
A proxy firewall filters application-level traffic, acting as an intermediary between end systems. The client sends a request to the firewall, where it’s either allowed or blocked after being compared to the security rules. Proxy firewalls are best known for monitoring traffic for layer protocols (FTP and HTTP, for example).
Network Address Translation Firewalls
Network Address Translation Firewalls, or NATs, allow different devices with their own network addresses to connect to the internet using one IP address, and the individual IP addresses stay hidden. This way, when an attacker scans a network for IP addresses, they can’t get details about all of the devices that are online. This is similar to how proxy firewalls function – a NAT is the intermediary between traffic and a group of computers.
Stateful Multilayer Inspection Firewalls
Stateful multilayer inspection firewalls, or simply stateful firewalls or SMLIs, filter packets at several layers – application, network and transport. Each packet is examined in its entirety and only allowed to pass each layer one at a time if it meets the security guidelines. Furthermore, stateful firewalls recognize patterns, making it easier to block illegitimate traffic.
This technology is in contrast to packet-filtering firewalls, which are sometimes referred to as “stateless.” Stateful firewalls are more straining on your device, but that’s because they store and analyze so much more packet data.
Do I Need a Firewall?
Now that you have your answer to “what is a firewall,” you may be wondering if you need one. And you definitely do. Anytime you have a device, like a computer, that connects to the internet, you need protection. And that goes for more than just computers. Any internet-connected device needs protection, like your smartphone.
Think of it this way: if you don’t have a firewall on a device that’s connected to the internet, a hacker could get into the device, take it over, install any malicious software they want and find out all of your sensitive information, like your bank account balances and logins. It gets worse. Hackers can also get into your camera and microphone to watch and/or listen to you.
If a hacker makes their way into a web server, they can change your website login credentials, ruin or remove your website and even add malware to your site that will infect your visitors’ devices. You can kiss traffic and sales goodbye if that happens.
Unless you’re protecting your own server, these are the types of firewalls to look for:
Instead of being for a network or web server, a personal firewall is meant for just one computer. You probably already have this – it usually comes standard with a Mac or Windows computer, as well as with antivirus software.
Personal firewalls do the following:
- Analyze all incoming and outgoing traffic, as well as whether or not the connection with your device’s apps is safe.
- Protect the ports that you use when connecting with websites and applications. The attackers can’t see that those ports are open when they’re in use.
- Prevent hackers from accessing and taking control of your computer.
- Defend against attacks that happen to get through.
Even if a firewall monitors network traffic, it may not detect traffic that comes from an app, service or software. That’s what application firewalls are for – to catch malicious attempts against software or older firewalls.
Web application firewalls (WAFs) work in a similar way, but they’re specifically designed to monitor web apps, not computer apps. Examples of web apps are third-party forms and shopping cart plugins. When a web app gets hacked, malware is sent to the server.
WAFs are usually cloud-based, making them easier to set up because you don’t have to do anything on the server level, but they may also be part of a hardware firewall. Also, remember that application monitoring is often part of a next-generation firewall.
Having a firewall built-in on your computer, or getting that same protection through antivirus software, is great. But what about if you have a WordPress website you need to protect? That’s where those cloud-based WAFs come in. A reputable online service and/or a security plugin will defend your site and keep you and your visitors as safe as possible. Also, make sure to select a web host that has high-level security for their servers, including a reliable firewall. Good news – we’ve rounded up the six best WordPress security plugins for you right here.