Technology Explained Web Culture

How Does A Firewall Work? [MakeUseOf Explains]

Matt Smith 10-02-2012

How Does A Firewall Work? [MakeUseOf Explains] firewallthumbThere are three pieces of software that, in my opinion, make the backbone of a decent security setup on your home PC. These are the anti-virus, the firewall, and the password manager.


Of these, the firewall is often the least well remembered despite its importance. The fade of the firewall from public view is due to the fact that Windows itself now has a built-in firewall, so there’s less need to go searching for a third-party option. Curious minds may wonder how they work, however, so let’s take a look.

The Beginnings Of The Firewall

The term “firewall” of course starts with actual walls built to prevent against fire. These are still common today in buildings that deal with hazardous materials. If there is a blast or fire, the firewall prevents the blaze from exiting the hazardous area and feeding on the rest of the structure.

Geeks adopted the term in the late 1980’s as a way of describing any piece of software or hardware that protects a system or network from the Internet at large. Malware like the Morris Worm provided that it was possible for software to pig-back the Internet and do serious damage to randomly targeted systems. As a result, security-savvy individuals and organizations started to look in to ways to protect themselves from such malware.

This is a good point to start talking about the three types of firewalls that are most common, starting with the first type invented – the packet filter.

Types of Firewalls

Packet Filters

Early firewalls only read packet header data, like source address and destination address. Action could then be taken based off the information obtained. This is efficient and quick, but can be vulnerable in some ways. Spoofing attacks, for example, can be very effective against a packet filter. Advanced versions of packet filter firewalls keep data about packets in memory and can change their behavior based on network events. These are known as “stateful” and “dynamic” firewalls, respectively.


Circuit Gateways

The next step in firewalls, the Circuit Gateway doesn’t just deal with packet header data. It also attempts to make sure that a connection relaying packets is valid. To do this, the Circuit Gateway pays attention to packet data and looks for changes, such as an unusual source IP address or destination port. If a connection is determined invalid, it can be closed.  These firewalls also automatically reject information not specifically requested by a user inside the firewall.

Application Level Gateways

These firewalls share the properties of circuit gateways, but they delve deeper into the information being sent through the firewall and see how it relates to specific applications, services and websites. For example, an application level gateway can look into packets carrying web traffic and determine what sites the traffic is from. The firewall can then block data from certain sites if the administrator desires.

Software Firewalls

How Does A Firewall Work? [MakeUseOf Explains] softwarefirewall

If you have a firewall installed on your computer, it is most likely an application level firewall. It will be able to control how individual applications access the Internet and block specific or unknown applications the moment the try to accept incoming information or send outgoing information.


Your personal firewall is also a software firewall. That means its functions are controlled by code installed on your computer. The advantage of this is obvious – you can easily change the settings of the firewall whenever you would like, and you can access its interface without logging into any separate piece of equipment.

However, a software firewall can be vulnerable due to the fact that it can be manipulated if the system it is installed on is compromised. If your computer was somehow infected with malware in spite of your firewall and other security measures, that malware might be programmed to circumvent the firewall or change its settings. For this reason, software firewalls are never entirely secure.

Hardware Firewalls & Home Use

Dave Habben

To address this vulnerability, large organizations usually use a hardware firewall or firewalls in addition to a software firewall or firewalls. The kind of firewalls used by organizations with their own networking department is heavy equipment capable of sniffing out network instruction attempts on its own. Often, they’re sold as part of a larger security ecosystem by companies that specialize in enterprise-level security solutions, like Cisco.


Such equipment often isn’t practical for a home user. But the alternative may already sit in your home. For one, every broadband router acts as a firewall due to its nature. A router acts as a go-between for your computers in the Internet. Connections sent your computers from the Internet are not sent directly to them – they’re sent to the router first. It then decides where that information needs to go, if anywhere. If the router decides the information wasn’t requested, or the information is sent to a port the router doesn’t have open at all, it’s dropped.

This is why you sometimes have to set up “port forwarding” in your router to get certain games to function. The packets coming in from the game’s servers are being ignored by the router. This isn’t a true firewall, however, because there’s no inspection of packets. It’s simply a side-effect of the way a router functions.

How Does A Firewall Work? [MakeUseOf Explains] ciscosmallbusinessrouter

If you decide you do want a real hardware firewall, you can buy one at affordable prices. Cisco, Netgear and others produce “small business routers,” which are small devices with built-in firewall functionality that are designed connecting for just a handful of computers to the Internet. Such a device usually uses a packet filtering or circuit gateway method, so it can’t be easily circumvented by a software infection on a network PC.


In addition, a basic hardware firewall is useful if you run a server because it can monitor for denial-of-service attacks and intrusion attempts. Don’t expect your $199 firewall to hold off Anonymous, but it could come in handy if SuCkAz555 is sore after you banned him from your Minecraft server.


Software firewalls remain an important part of securing your home computer. Windows has had a built-in firewall since XP, and if you’d just like to use that, we have a tutorial article Manage The Windows Firewall Better With Windows 7 Firewall Control Read More that can help you learn your way around. Free third-party firewalls still exist The Three Best Free Firewalls for Windows Read More , as well.

If you are behind a router and have a software firewall, you’re reasonably well protected. The main way that you would become compromised is if you downloaded malware that then managed to circumvent your system including your firewall. But if you have anti-virus software Free Security Suite for Windows: Microsoft Security Essentials Read More and you did not disable User Account Control, any such attack should be stopped in its tracks.

Image Credit: David Nutter and Dave Habben

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Salma Agamara
    June 21, 2012 at 9:55 am

    In simple terms how does a firewalls works because am stil not getting the point.

    • Matt Smith
      June 21, 2012 at 4:07 pm

      A firewall looks at traffic coming in and our of your network or computer and blocks what is not authorized. That's the one-sentence description. It's a bit hard to simplify more than that because not all firewalls perform this task the same way.

  2. Ben
    June 21, 2012 at 7:12 am

    Are there software firewalls that are better than the Windows Firewall?

    • Matt Smith
      June 21, 2012 at 4:04 pm

      There are software firewalls available in almost every security suite on the market as well as many stand-alone options. Often they are better than Windows Firewall if only because they have a better interface and/or offer more detailed controls for traffic. But, basically, Windows Firewall does the job.

  3. Shehan Nirmal
    June 6, 2012 at 4:31 pm

    Thanks to MakeUseOf Explains...

  4. Morpheus Exegis
    February 10, 2012 at 6:15 pm

    Or for home users  build your own gateway / firewall on a spare computer or VM with linux OS and IPchains etc or a customized Linux package like ClearOS, Pfsense, etc.