How Does A Firewall Work?
A firewall is like the door to your house. Just like your door, you have control over who can come in or out by locking and unlocking it for visitors. Firewalls help control access to your computer or network from anything outside your computer or network.
But before we get into how firewalls work, you should know that today, every computer and network needs a firewall. Online threats are escalating sharply, and new types of threats are coming out more quickly. These viruses come through iTunes files, video game files, PDF’s and endless websites infected with and distributing viruses, malware, cryptolockers and keyloggers. Computer security threats are relentless, and firewalls help prevent threats from getting onto your systems.
Types Of Firewalls
Firewalls come in two forms - software firewalls and hardware firewalls. Both types use rules based systems to allow or deny traffic going in or out.
A software firewall, usually comes bundled with your antivirus. A software firewall only protects the machine it is installed on. This is your first line of defence against the outside world known as the Internet. By default everyone has one installed with their Windows or Mac operating system, though we often recommend using something more robust than the basic installation. For Windows users we recommend you give Zone Alarm a try. For Mac users, try Little Snitch.
A hardware firewall is a device which is setup at the end point of your network, normally connected to your Internet modem. These devices protect the whole network and all computers on the network. All traffic coming and going is filtered by the rules set on your firewall device.
PRO TIP: If you have 3 or more computers on your network, the cost of a hardware firewall becomes less expensive than good software protection on each individual computer. We recommend the Dell SonicWall or the Cisco ADA. The Dell SonicWall also has a function for firewall protection for your WiFI network, with whitelisting and blacklisting controls over which devices can or can't talk to the LAN - so you can control guest user access - or intruder access - allowing guests access to your WiFi, but not your server.
A Basic Explanation Of Firewall Rule Setting: Blacklisting and Whitelisting
Firewall rules work in one of two ways - using rules you set for either blacklisting or whitelisting applications and websites.
Blacklisting = You’re not on my bad list, so you’re allowed in.
You setup your firewall to block sites or addresses you don’t want your users to access. This allows them to access everything on the internet except the sites you have listed as bad (blacklisted).
Whitelisting = You’re not on my good list, so you’re not allowed in.
You setup your firewall to only allow users to go to the specific sites you approve (whitelisted). Your users can not access anything else on the internet unless you add it to the whitelist.
Application whitelisting is underused, and that’s unfortunate because it is excellent at preventing costly network security issues. Threats change every week, making the updating of a blacklist a Sisyphean feat. Whitelisting on the other hand makes security tighter and a little simpler. You block everything except a short list of “ok to allow”, and don’t have to worry as much about staying on top of every new threat that comes out. You have a job to do, and it likely isn’t tracking new computer security threats.
Do you have questions about computer or network security solutions? Please contact us today. We're here to help. We are TUCU, a small business IT Solutions company serving Toronto since 2003.