With all of the Malware, viruses, hacking and network intrusions going around, a firewall is becoming a necessary network component. So what is one and what does it do?

All networks have some sort of routing device. It is the door between the local network and the Internet. It routes the traffic to minimize collisions and make sure things continue to flow. Think of it as the school crossing guard. It just directs traffic to where it wants to go. Some of them have some capability to block ports (certain IP destinations) or give priority to certain types of traffic (VOIP,) but essentially, they just move packets in an orderly fashion.

A firewall does the same thing that a router does, and much more. It is a network security appliance. It has the capability to inspect packets as they come through and allow or disallow passage based on the potential security threat. Think of it more as a military base guard. It checks out each packet as it comes through the door and makes sure it has a legitimate reason to come in, and isn’t carrying any threat in the trunk. In order to do this it requires constant updating of known threats and therefore requires a subscription to a service that sends updates as potential threats are uncovered. Firewalls also have the ability to manage outgoing traffic similarly. You may choose minimizing or excluding access to certain internet assets, or even, only allowing access to certain assets. Again, this is also often subscription based to dynamically update. For instance, if you decided to disallow access to adult themed sites, they change all the time, and the service is constantly updating the firewall to know when to stop the traffic.

This a REALLY simplified explanation of the differences, but we have seen that many people are confusing a router with a firewall. They are very different, have different price points, and are worth the difference. If you are using a router for your internet connection, I recommend changing to a firewall today. In today’s world, routers might be used behind a firewall to segregate portions of a network, but should not be used as your connection to the internet.

