Everyone is familiar with the term firewall. However, when asked “What is a firewall?” or “How does a firewall work?”, few people can provide a sat­is­fac­to­ry answer. Most people un­der­stand that it is used to fend off viruses and other malware from the internet. However, private users in par­tic­u­lar often do not realize that even the best firewall is useless if it has not been con­fig­ured based on user behavior or, worse yet, if it has not been activated. Here you will find every­thing you need to know to get the most out of your firewall.

What is a firewall?

The term firewall clearly il­lus­trates that it is meant to provide pro­tec­tion against external damages. When talking about computers, it means providing pro­tec­tion against threats lurking on the internet or other networks. One example of such a threat is malicious software known as malware. Malware is a virus or spyware that infects or in­fil­trates your computer to collect or modify sensitive data or to disrupt certain system functions. In extreme sit­u­a­tions, it can com­plete­ly cripple the operating system. A firewall can prevent this from happening.

By de­f­i­n­i­tion, a firewall acts as a kind of check­point po­si­tioned between the internet or another network and the local computer. It checks the access rights of programs and remote computers in both di­rec­tions. The firewall’s con­fig­u­ra­tion thus de­ter­mines whether programs installed on your computer can access the internet and vice versa. The firewall also controls com­mu­ni­ca­tion between your computer and other computers within a network.

Do private users need a firewall?

The fact that this question is still being asked is due to firewalls being initially used ex­clu­sive­ly for networks with the highest security re­quire­ments such as gov­ern­ment in­sti­tu­tions, banks and large companies. These networks are still protected by powerful hardware firewalls today.

Private users do not require such a high security standard and would not be able to afford it anyway. However, due to the spread of the internet, more and more private computers have been infected by malware. This resulted in the de­vel­op­ment of desktop solutions which are now an integral part of most operating systems. You should def­i­nite­ly protect your computer with an internal firewall since there is no shortage of viruses and Trojans online which target sensitive data.

How does a firewall work?

By de­f­i­n­i­tion, a firewall is designed to protect your computer from attacks. But how is this achieved in practice? How does the software know which programs are malicious and which are not? And how does it learn about newly pro­grammed malware in cir­cu­la­tion?

Firstly, it is important to un­der­stand that a firewall does not recognize whether something is malicious or harmless. All it does is monitor access between your computer and a network in both di­rec­tions. The firewall uses a set of pre­vi­ous­ly defined rules to determine whether it is malicious or not.

Image: Diagram of how a firewall works
This diagram shows a sim­pli­fied version of how a firewall works. It monitors data traffic and prevents any sus­pi­cious access attempts.

The ef­fec­tive­ness of your firewall thus depends on how you configure it. The following are some of the many different options available:

  • Access rights for remote IP addresses: Any access attempts by other computers in the network are iden­ti­fied by an IP address and are initially blocked by default. If the data transfer is desired, you can manually authorize it or add the IP address as an exception so that access will be permitted the next time without being prompted.
  • Access requests from online programs: You should have manual con­fir­ma­tion set for in­stalling programs found online. This way you can be sure that you are in­stalling the file you want, and you can im­me­di­ate­ly detect when an untrusted website is trying to infect your computer with malware.
  • Network vis­i­bil­i­ty: You can set the vis­i­bil­i­ty of your computer on networks. We recommend hiding your computer in public networks (e.g. WLAN hotspots in airports or cafés) to provide ad­di­tion­al pro­tec­tion from access attempts. While vis­i­bil­i­ty is not the same as having access per­mis­sions, it does mean that it is easier for attackers to target your data.
  • Blocking active website content: Some tech­nolo­gies (e.g. Microsoft ActiveX and Adobe Flash) used for dis­play­ing dynamic website content, such as videos and graphic an­i­ma­tions, are fre­quent­ly exploited to spread malware because the content runs locally on the user’s computer. You can block the execution of this content in advance.

Those are just some of the settings you can define in your firewall’s software con­fig­u­ra­tion. Naturally, in addition to blocking websites, services and IP addresses, you can also define them as trust­wor­thy and thus allow automatic access. This il­lus­trates the lim­i­ta­tions of a firewall – to reliably block malware, you need to correctly assess other programs and computers accessing your computer.

For this reason, you should not depend ex­clu­sive­ly on a firewall. You should also use a reliable antivirus program that compares both installed programs and dynamic website content with current virus de­f­i­n­i­tions and blocks them or warns you before executing them when necessary.

Many firewalls also work with ports. In order for a data packet from the internet to reach your computer, it must pass through one of these entrances. Each ap­pli­ca­tion uses a specific port. A firewall can be con­fig­ured to ensure that only the required ports can be opened. The firewall will block all other entrances and prevent ap­pli­ca­tions from accepting undesired or unplanned data packets. This regularly results in programs not working due to the firewall. However, if this occurs, you should not disable the firewall. Instead, just open the required port.

What kinds of firewalls are there?

As pre­vi­ous­ly indicated, there are two different types of firewalls: personal firewalls (i.e. internal or desktop firewalls) and external firewalls (i.e. hardware or network firewalls).

A personal firewall is installed directly on your computer and is usually already included in your operating system. It monitors data traffic and prevents unau­tho­rized access to and from a computer’s network services. Since most malware targets security vul­ner­a­bil­i­ties in network services, most attempts to attack your computer can be ef­fec­tive­ly blocked. The drawback is that with this system ar­chi­tec­ture, the firewall only reports the malware when it is already tech­ni­cal­ly accessing your computer. Nev­er­the­less, even if a secretly activated service continues to run despite being im­me­di­ate­ly unin­stalled, the firewall can at least prevent it from spreading malware unimpeded in the network.

An external firewall stands between your home network and another network (e.g. the internet) and monitors all external access. In this case, the firewall, not the computer, is connected to the internet and is then connected with one or more computers. This is the typical setup of a LAN where the external firewall is installed on the router. It analyzes the incoming data traffic before it even reaches the computer making the request and can thus block malware attacks before they have a chance to damage your computer.

Tip

If you are still hesitant to use an external firewall, you can still benefit from its high level of security by taking a small detour. IONOS virtual servers are protected by a powerful hardware firewall like all servers in the IONOS cloud in­fra­struc­ture.

How is a firewall activated?

If your operating system includes a firewall, which is standard in Windows and iOS, it is already activated when you first start up your computer. If it is de­ac­ti­vat­ed, you will receive the cor­re­spond­ing system in­for­ma­tion. You can then activate it yourself in your operating system’s security settings. There you will find all the settings options to configure the firewall to meet your re­quire­ments.

Go to Main Menu