What Is a Firewall?
A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on a defined set of rules. It acts as a barrier between a trusted internal network and untrusted external networks (like the internet), allowing legitimate traffic through while blocking threats. Pair it with a VPN for encrypted tunneling, and use our port scanner to verify which of your ports are visible from the internet.
Types of Firewalls
| Type | How It Works | OSI Layer | Typical Use |
|---|---|---|---|
| Packet Filter | Inspects IP/TCP/UDP headers; allows or denies based on rules | Layer 3–4 | Routers, basic network perimeter |
| Stateful Inspection (SPI) | Tracks connection state; only allows packets that match an established session | Layer 3–4 | Home routers, enterprise firewalls |
| Application Layer (WAF) | Inspects payload content for specific protocols (HTTP, DNS, SMTP) | Layer 7 | Web servers, API gateways |
| Next-Generation Firewall (NGFW) | Combines stateful inspection with DPI, IPS, and application awareness | Layer 3–7 | Enterprise security appliances |
| Host-based Firewall | Software running on the endpoint; controls per-process traffic | Layer 3–4 | Windows Defender Firewall, iptables, pf |
| Cloud Firewall (FWaaS) | Firewall delivered as a cloud service; inspects traffic before it reaches your network | Layer 3–7 | Cloudflare Gateway, Zscaler, AWS WAF |
Firewall Rule Concepts
Firewall rules are processed top-to-bottom in order of priority. Each rule specifies a source address, destination address, port/protocol, and action (allow, deny, or log). The final rule is typically an implicit deny-all that blocks anything not explicitly permitted.
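The evaluation order described above can be sketched as a small rule matcher. This is an added example, not code from any firewall product; it assumes first-match-wins semantics and treats `log` as a non-terminating action, and the rule set uses constructed addresses from the documentation ranges.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow", "deny" or "log"
    src: str               # source network in CIDR form
    dst: str               # destination network in CIDR form
    proto: str             # "tcp", "udp" or "any"
    port: Optional[int]    # destination port, None matches any port

    def matches(self, src, dst, proto, port):
        return (ipaddress.ip_address(src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", proto)
                and self.port in (None, port))

def evaluate(rules, src, dst, proto, port):
    """Return (verdict, index of the deciding rule or None, indexes of log rules hit)."""
    logged = []
    for i, rule in enumerate(rules):          # top-to-bottom
        if not rule.matches(src, dst, proto, port):
            continue
        if rule.action == "log":              # assumption: log records and keeps going
            logged.append(i)
            continue
        return rule.action, i, logged         # first allow/deny match decides
    return "deny", None, logged               # implicit deny-all at the end

# Constructed sample rule set (documentation address ranges, hypothetical hosts).
RULES = [
    Rule("deny",  "203.0.113.0/24",  "0.0.0.0/0",     "any", None),  # blocked range
    Rule("log",   "0.0.0.0/0",       "192.0.2.10/32", "tcp", 22),    # record SSH attempts
    Rule("allow", "198.51.100.0/24", "192.0.2.10/32", "tcp", 22),    # admin subnet SSH
    Rule("allow", "0.0.0.0/0",       "192.0.2.10/32", "tcp", 443),   # public HTTPS
]
# Same rules with the broad HTTPS allow moved to the top: it now shadows the deny.
MISORDERED = [RULES[3], RULES[0], RULES[1], RULES[2]]
```

With `MISORDERED`, HTTPS traffic from the blocked range is allowed because the broad allow matches before the deny is ever reached, which is why rule order deserves a review whenever a rule is inserted.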
Firewall vs VPN vs Antivirus
- A firewall controls which network connections are allowed. It does not encrypt traffic or hide your IP.
- A VPN encrypts your traffic and masks your IP. It does not inspect or filter connection attempts the way a firewall does. Run a VPN leak test to ensure your VPN is properly protecting your IP.
- Antivirus software scans file content and running processes for malware. It is complementary to, not a replacement for, a firewall.
- Defense-in-depth means using all three together: a firewall at the network perimeter, a VPN for encrypted tunneling, and antivirus on endpoints.
- Your home router already includes a basic stateful firewall. Ensure it's enabled and configured to block unsolicited inbound connections. See our router security guide for settings to change.