Supportsoft Glossary

Protection Layer Against Cyber Threats

A firewall is an essential element of network security that provides the ability to observe and control both inbound and outbound traffic between an organisation’s trusted networks and unauthorised users on the Internet. The primary role of a firewall is to assess requests made to access the organisation’s network based on predetermined rules, either validating the request for access or denying it.

In addition to preventing unauthorised access and malicious attacks, firewalls can help avoid data loss or theft by filtering out suspicious traffic prior to allowing access to any internal systems.

Firewalls are classified in several different ways; they may be hardware devices, software applications running on a computer/server or high-end appliances with multi-layered analytics capabilities such as intrusion detection/prevention, deep packet inspection (DPI) and automatic responses to new/advanced threats. Modern firewalls will typically combine multiple layers of analysis (IP address(es), port(s), protocol(s) and type of applications) to detect intrusion attempts as well as other malicious activities.

As organisations have transitioned to remote work environments, firewalls have become increasingly critical in maintaining the security of data, enabling organisations to meet compliance obligations and protecting sensitive information. The ruleset(s) implemented by an organisation typically reflect their specific risk appetite and the workflows associated with that organisation.

By establishing a restricted point of entry into the organisation’s network, firewalls help protect the integrity of the organisation’s network by limiting exposure to cyberattacks. Ultimately, firewalls are a foundational element of the organisation’s cyber security posture.