- Firewalls prevent unauthorized access to network and to the objects inside networks. Firewalls examine the data packets that attempt to pass through the firewall and may reject packets that appear to be viruses or other malicious code or that fail to meet some other criteria. Firewalls can block access both into and out of a network. This is especially useful when a business' network connects to the Internet so that remote users or employees at branch offices can access it. In these cases, the firewall can allow the business' employees to access the network but block unauthorized users who might attempt to connect to the network through the Internet.
- Firewalls fall into to broad categories, or types. Hardware-based firewalls rely on particular hardware devices whose firmware performs the packet examination and blocking processes. Software-based firewalls reside on the computer systems they protect, as in the case of the built-in firewalls in the Windows operating systems (OS). Because hardware-based firewalls use resources from a dedicated device, and do not share a system's resources in the way that software firewalls do, they may be more robust. On the other hand, firewalls that reside in the OS can offer protection to mobile computers that employees use outside of the network. The two types of firewalls are not mutually exclusive and can be used in combination. A Windows XP-based workstation may have the built-in firewall enabled and may also connect to a Windows network supported by a router with a hardware-based firewall.
- Businesses use firewalls to protect their data, applications and systems. Businesses may have data that is essential to the operation of the business itself, such as employee and accounting data, as well as data about customers, vendors and partners. Businesses use firewalls to ensure that hackers cannot access applications and data from outside the business' network.
- Firewalls are part of a larger set of security measures that businesses put in place. These measures include, for example, identity management platforms to ensure that users are who they say they are, anti-malware applications such as anti-virus and anti-spyware, and end-point biometric security systems such as fingerprint readers. Firewalls are particularly advantageous in that they provide single-point-of-entry protection whose actions administrators can audit and record. In this role, firewalls represent the first line of defense in protecting a business' digital assets.
- Businesses that deploy firewalls must recognize that firewalls require maintenance over time and that such maintenance requires a specialized skill set. Both hardware and software firewalls require patches and updates to remain effective. At the same time, businesses must take care not to rely too heavily on firewalls for security to the exclusion of other types of security.
