What is a firewall?

The term "firewall" derives from the construction term, meaning a sturdy wall that can help prevent fires from spreading throughout a large building. On a network, the firewall performs a conceptually similar role: it sits between sections of the network, and prevents threats from spreading between them.

The Internet uses a system called TCP/IP to transfer data (information) between computers. Types of information are categorized by what port they use; for example, when you view this website in your browser you are connecting to our server (in Missouri) on port 80. That connection goes through a number of routers between you and our data-center, as well our firewall - and any firewalls you have running in-between.

Ports are either "open" (accepting connections) or "closed" (not listening). An open port isn't in-and-of-itself a vulnerability, but the program that answers when someone connects to that port might be! For example, there have been many occasions on which Windows users have been hacked after leaving their systems listening to the Windows File Sharing ports. A firewall's primary purpose is to close ports that you aren't using, don't know that you are using, or are intended only for local access.

Here's a real-world example. You have a server in your office, and it runs a billing system for you. You definitely don't want people all over the world to access your billing system! That's where a firewall can help: it sits between your server and the Internet, and prevents unauthorized access to your billing system.

Another example would be a working network that has a new computer added to it. The person setting up the computer needs time to apply patches, and may accidentally leave something unsecured; a firewall prevents outsiders from finding and exploiting the vulnerability while the system is setup.

Modern Firewalls

Modern firewalls do much more than simply restrict access. They can provide a web cache, to speed up your regular Internet access (by keeping a local copy of pages you and your employees access regularly). They can force Wi-Fi users to authenticate before they access your network. They can offer a secure way for you to work remotely through a Virtual Private Network. And best of all, they can provide a window through which to view what is happening on your network.

Insight, speed and security - all built into Thoth Firewall.