When talking about network security, something that pops up quite often is firewalls. For non-networking people, it’s very unclear what they are really doing, except that they may block bad traffic. But how do they know what is bad and what is not?
In this blog post, I wanted to clarify what a firewall is and that is exactly what you are going to learn if you continue reading. On top of that, I will tell you why you should not buy a firewall, unless you are a company, in which case you should really get one. You’ll also learn some of the disadvantages of firewalls. But let’s start with what a firewall is.
What is a Firewall?
A firewall is not a wall to keep the fire out; however, it has similarities. A firewall in a building is there to block a fire so that the area behind it can be safe. A network firewall works the same way. It keeps the area behind it, the LAN, safe from bad stuff that would like to get into a network.
Essentially, a firewall is your shield to the outside network. All traffic that comes into your network is scanned by the firewall and it will throw out any packets that are not allowed. It knows which packets to throw out based on rules that have been set up beforehand.
Something that is very common when configuring a firewall is to block everything and then add a rule for each thing that needs to come through. This could be quite long and isn’t very fun to set up but it’s secure, which is the whole reason why a firewall is there in the first place.
A firewall often has traffic logs as well so that you can see what the firewall is blocking and what it is letting through. While it may not be as interesting to you, it’s very interesting for an enterprise to see which services and/or systems are trying to reach out to the internet or enter the LAN.
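The block-everything-then-allow approach and the traffic log described above, as an added Python example that is not code from any real firewall product. The rule names, addresses and ports are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str   # "tcp" or "udp"
    dport: int   # destination port

@dataclass(frozen=True)
class Rule:
    name: str
    proto: str
    dport: int
    src_net: str = "0.0.0.0/0"   # source range allowed to connect

    def matches(self, pkt: Packet) -> bool:
        src_ok = ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src_net)
        return pkt.proto == self.proto and pkt.dport == self.dport and src_ok

# Constructed allow-list: one rule per thing that needs to come through.
ALLOW_RULES = [
    Rule("web-https", "tcp", 443),
    Rule("admin-ssh", "tcp", 22, src_net="203.0.113.0/24"),
    Rule("dns", "udp", 53),
]

def filter_packet(pkt, rules=ALLOW_RULES):
    """Return (verdict, rule name); anything no rule allows is dropped."""
    for rule in rules:
        if rule.matches(pkt):
            return "ACCEPT", rule.name
    return "DROP", "default-deny"

def traffic_log(packets, rules=ALLOW_RULES):
    """Filter each packet and return one log line per decision."""
    return [f"{v:6} {p.proto} {p.src} -> {p.dst}:{p.dport} rule={r}"
            for p in packets for v, r in [filter_packet(p, rules)]]

SAMPLE = [  # constructed inbound traffic, documentation address ranges
    Packet("198.51.100.7", "192.0.2.10", "tcp", 443),
    Packet("198.51.100.7", "192.0.2.10", "tcp", 22),
    Packet("203.0.113.5", "192.0.2.10", "tcp", 22),
    Packet("198.51.100.9", "192.0.2.10", "tcp", 3389),
]

if __name__ == "__main__":
    print("\n".join(traffic_log(SAMPLE)))
```

The second and fourth packets match no allow rule, so they fall through to the default drop and still appear in the log, which is what lets you see what was blocked.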
While some, like Roger A. Grimes at CSO, don’t think firewalls are needed, I do believe that they are still needed. But does that mean that you, like a regular home user, should get a firewall? The simple answer is no, and here’s why.
Why You Don’t Need a Firewall
You already have one. Unless you have actively turned it off, you already have a firewall that is protecting you from the bad stuff. I am running macOS on my main computer and this operating system is asking me whenever a program or a system wants their traffic to come into the laptop. This way, I can decide myself if I want a program to be allowed into my computer.
If you are using Windows, you should get the same experience with the operating system asking you for permission. You will only get these questions for programs that you have installed yourself. The operating system will automatically allow traffic that is needed by the operating system as well as basic networking. On my Mac, I was also able to choose if I wanted to allow ping from outside the network or not.
But hold on for a minute now, isn’t a firewall a physical box that you need to configure? Well, yes, but there are two types of firewalls: software and hardware. While they are doing the same basic thing, hardware firewalls tend to offer many more features and perform much better than software ones.
A software firewall that you have on your computer will also protect only that computer. It will not protect your whole network, which a hardware firewall can do. These hardware firewalls are placed between the internet connection and the router, so that all traffic that is going to the router has been filtered as OK by the firewall. This is not possible with software.
However, to get back to the main question here, for home use, there really is no need to get a hardware firewall as the firewall on your computer is good enough. If you are very interested and want to learn more about TCP, UDP, ports, and packets, though, a firewall can be a fun way to get started.
What Does a Firewall Protect You from?
A firewall can protect you from bad stuff, I’ve told you that already. But how does it do that and what exactly do I mean by “bad stuff”? When I say, “bad stuff”, I am talking about hackers and other unauthorized connections to your network. I am also talking about viruses and malicious code that you may end up getting in your email or download from the internet.
A physical firewall that is filtering traffic into the network will protect against people who are outside your network and are trying to get in using different methods. If the firewall is correctly configured, it will block these connections and you can see from the log that they were blocked.
The firewall will also block a lot of unnecessary traffic in your network. I looked at the log that we have at my work and there is a lot of chatter that is being blocked by the firewall. What I mean by that is that there are bots that are trying many common ways to get inside. These have been set up by humans and, I guess, if a bot succeeds in getting in, it will notify a human.
If you instead download malicious software or get a file in an email, a physical firewall may see the bad file and let it through. Then, you have the software firewall on your operating system that will protect you instead. It will not stop the virus from getting onto the computer, but the firewall can block the virus from sending your information out to the internet. However, many viruses will add themselves to the OK-list on a firewall, which is how they get past this.
Basically, a firewall is very good at keeping anything that you don’t want in your LAN, outside of the LAN.
Why Companies Should Have a Firewall When You Don’t
If you run a business and do not have a firewall yet, then I highly recommend that you get one. While you may not need one for your private network, a business network is often more interesting for an attacker than a private network, because of the information that businesses have. It is also common for small businesses not to have strong network security, making it even easier for attackers to get in to see customer data and business financials.
Having a physical firewall is the very first line of defense against threats from the outside. By now, you should know the advantage of a firewall and it is simply a must for a business. It’s much easier to control one firewall than having to manage software firewalls on company computers, especially if you have a few of them. If you have hundreds of computers, then having one hardware firewall is a no-brainer, simply because of management.
If you have two offices in two different locations, having a firewall can actually connect these two offices using a VPN tunnel. What this means is that you have two firewalls, one at each site, that will then connect to each other in a secure, encrypted network tunnel. The offices will then be able to speak to each other, meaning that you can have network resources at one office only.
There are many other benefits of having a firewall for a business. It’s a great way to monitor the network traffic, making sure that your employees are not downloading torrents from the company network, for example. You are also able to block websites so that your employees can’t visit them.
Many of these problems are problems that you don’t have on your private network, and these are a few of the reasons why a business should have a hardware firewall, even if they are just a small business.
What are the Disadvantages of a Firewall?
But of course, there are disadvantages with a firewall as well. However, the benefits of having a firewall are always better than having no firewall at all, be it software or hardware. But it’s still good knowing the limitations of firewalls.
If you have a hardware firewall for your company, this firewall will not protect you from internal attacks that happen behind the firewall. This could be an employee plugging in a USB stick with malicious code on it or downloading software from the internet that looks like something else. If it has passed the firewall, you need to deal with it some other way.
When it comes to software firewalls, they are always in the background, checking for incoming and outgoing traffic for the computer. This means that the firewall will always take some performance from the computer that you may have wanted elsewhere. This is a problem that used to be big but nowadays the computers are powerful enough and the operating systems are smart enough, that there really isn’t any big performance hit. But if you have an old laptop, this could be a problem.
In the end, having a firewall for your home network is something that you already have. There is no point having a physical firewall unless you are interested, and if you are not interested, then don’t bother.
I would also advise against buying software firewalls. It is very popular for anti-virus software to include a firewall that the advertisement says is better than the built-in one, but it’s usually not.