Open In App

We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy

Introduction of Firewall in Computer Network

A firewall is a network security device that prevents unauthorized access to a network. It monitors both incoming and outgoing traffic using a predefined set of security to detect and prevent threats.

What is Firewall?

A firewall is a network security device, either hardware or software-based, which monitors all incoming and outgoing traffic and based on a defined set of security rules accepts, rejects, or drops that specific traffic.



  • Accept: allow the traffic
  • Reject: block the traffic but reply with an “unreachable error”
  • Drop : block the traffic with no reply

A firewall is a type of network security device that filters incoming and outgoing network traffic with security policies that have previously been set up inside an organization. A firewall is essentially the wall that separates a private internal network from the open Internet at its very basic level.



History and Need for Firewall

Before Firewalls, network security was performed by Access Control Lists (ACLs) residing on routers. ACLs are rules that determine whether network access should be granted or denied to specific IP address. But ACLs cannot determine the nature of the packet it is blocking. Also, ACL alone does not have the capacity to keep threats out of the network. Hence, the Firewall was introduced. Connectivity to the Internet is no longer optional for organizations. However, accessing the Internet provides benefits to the organization; it also enables the outside world to interact with the internal network of the organization. This creates a threat to the organization. In order to secure the internal network from unauthorized traffic, we need a Firewall.

Working of Firewall

Firewall match the network traffic against the rule set defined in its table. Once the rule is matched, associate action is applied to the network traffic. For example, Rules are defined as any employee from Human Resources department cannot access the data from code server and at the same time another rule is defined like system administrator can access the data from both Human Resource and technical department. Rules can be defined on the firewall based on the necessity and security policies of the organization. From the perspective of a server, network traffic can be either outgoing or incoming.

Firewall maintains a distinct set of rules for both the cases. Mostly the outgoing traffic, originated from the server itself, allowed to pass. Still, setting a rule on outgoing traffic is always better in order to achieve more security and prevent unwanted communication. Incoming traffic is treated differently. Most traffic which reaches on the firewall is one of these three major Transport Layer protocols- TCP, UDP or ICMP. All these types have a source address and destination address. Also, TCP and UDP have port numbers. ICMP uses type code instead of port number which identifies purpose of that packet.

Default policy: It is very difficult to explicitly cover every possible rule on the firewall. For this reason, the firewall must always have a default policy. Default policy only consists of action (accept, reject or drop). Suppose no rule is defined about SSH connection to the server on the firewall. So, it will follow the default policy. If default policy on the firewall is set to accept, then any computer outside of your office can establish an SSH connection to the server. Therefore, setting default policy as drop (or reject) is always a good practice.

Types of Firewall

Firewalls can be categorized based on their generation.

1. Packet Filtering Firewall

Packet filtering firewall is used to control network access by monitoring outgoing and incoming packets and allowing them to pass or stop based on source and destination IP address, protocols, and ports. It analyses traffic at the transport protocol layer (but mainly uses first 3 layers). Packet firewalls treat each packet in isolation. They have no ability to tell whether a packet is part of an existing stream of traffic. Only It can allow or deny the packets based on unique packet headers. Packet filtering firewall maintains a filtering table that decides whether the packet will be forwarded or discarded. From the given filtering table, the packets will be filtered according to the following rules: 

2. Stateful Inspection Firewall

Stateful firewalls (performs Stateful Packet Inspection) are able to determine the connection state of packet, unlike Packet filtering firewall, which makes it more efficient. It keeps track of the state of networks connection travelling across it, such as TCP streams. So the filtering decisions would not only be based on defined rules, but also on packet’s history in the state table.

3.  Software Firewall

A software firewall is any firewall that is set up locally or on a cloud server. When it comes to controlling the inflow and outflow of data packets and limiting the number of networks that can be linked to a single device, they may be the most advantageous. But the problem with software firewall is they are time-consuming.

4. Hardware Firewall

They also go by the name “firewalls based on physical appliances.” It guarantees that the malicious data is halted before it reaches the network endpoint that is in danger.

5. Application Layer Firewall

Application layer firewall can inspect and filter the packets on any OSI layer, up to the application layer. It has the ability to block specific content, also recognize when certain application and protocols (like HTTP, FTP) are being misused. In other words, Application layer firewalls are hosts that run proxy servers. A proxy firewall prevents the direct connection between either side of the firewall, each packet has to pass through the proxy.

6. Next Generation Firewalls (NGFW)

NGFW consists of Deep Packet Inspection, Application Inspection, SSL/SSH inspection and many functionalities to protect the network from these modern threats.

7. Proxy Service Firewall

This kind of firewall filters communications at the application layer, and protects the network. A proxy firewall acts as a gateway between two networks for a particular application.

8. Circuit Level Gateway Firewall

This works as the Sessions layer of the OSI Model’s . This allows for the simultaneous setup of two Transmission Control Protocol (TCP) connections. It can effortlessly allow data packets to flow without using quite a lot of computing power. These firewalls are ineffective because they do not inspect data packets; if malware is found in a data packet, they will permit it to pass provided that TCP connections are established properly.

Functions of Firewall

Advantages of using Firewall

Disadvantages of using Firewall

Practice Question

Question: A packet filtering firewall can [ISRO CS 2013]

(A) Deny certain users from accessing a service

(B) Block worms and viruses from entering the network

(C) Disallow some files from being accessed through FTP

(D) Block some hosts from accessing the network

Answer: Option (D)

For more details you can refer ISRO | ISRO CS 2013 | Question 44 published quiz.

Frequently Asked Question on Firewalls – FAQs

Can Network Speeds Be Slowed Down by a Firewall?

Yes, Network speeds can be slowed down by a firewall.

How do firewall stop traffic?

The firewall acts as a constant filter, analyzing incoming data and blocking anything that appears suspicious from entering your network to protect system.

Can Firewalls Stop Worms?

Yes, Installing a firewall helps prevent worms and malicious software from infecting a computer in addition to blocking unwanted traffic.


Article Tags :
Computer Networks
Web Technologies
Recommended Articles
1. Difference between Traditional Firewall and Next Generation Firewall
2. Difference between Hardware Firewall and Software Firewall
3. Types of Network Firewall
4. Basic Network Attacks in Computer Network
5. How to Find Network IP Address of Computer Using Computer Name?
6. Zone-based firewall
7. Firewall methodologies
8. Zone-based firewall Configuration
9. How to setup firewall in Linux?
10. Difference between Firewall and Antivirus
11. The Importance of Using a Firewall
12. Difference between Router and Firewall
13. Difference between Firewall and Proxy Server
14. What is a Next generation Firewall?
15. What is a Proxy Firewall?
16. Difference between WAF and Firewall
17. What is a Web Application Firewall?
18. Firewall Design Principles
19. Firewall as a Service (FWaaS)
20. Which Ports on Firewall Should be Allowed for IPSEC Site to Site VPN?
21. Difference between Storage Area Network (SAN) and Network Attached Storage (NAS)
22. Differences between Wireless Adhoc Network and Wireless Sensor Network
23. Difference between Next Generation Network and Traditional Network
24. Difference between Software Defined Network and Traditional Network
25. Difference between Network Administrator and Network Engineer