One of the more universally used terms in security, firewalls are a staple of protecting both devices and networks. One misconception about firewalls is that they are these broad all-in-one tools that block, hunt, and eradicate any and all threats. Well, that is partly true as Firewalls do act as a gate and block both incoming and outgoing traffic. This is either done by rules (no connections from this IP, allow traffic only to this online application, stop access to social media sites) also called a Stateless firewall.
The other approach, Stateful, takes context into consideration. Maybe, you allow connections from your device to unknown IP addresses, but your firewall notices an unordinary amount of traffic from different computers all over the world (a potential botnet attack) and immediately cuts off the network. Both approaches are very common and work to keep sensitive information in and malicious network activity out. The takeaway however, is that once something gets past the firewall it’s up to antivirus and intrusion detection / prevention to stop it (Unless your firewall has these additional features built in).« Back to Glossary Index