A firewall is a network security device / software that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.
Firewalls have been a first line of defense in network security for over 25 years. They establish a barrier between secured and controlled internal networks that can be trusted and untrusted outside networks, such as the Internet. An early type of firewall device, a proxy firewall serves as the gateway from one network to another for a specific application. Proxy servers can provide additional functionality such as content caching and security by preventing direct connections from outside the network. However, this also may impact throughput capabilities and the applications they can support. Basically, a firewall is a barrier to keep destructive forces away from your property. In fact, that's why its called a firewall. Its job is similar to a physical firewall that keeps a fire from spreading from one area to the next. As you read through this article, you will learn more about firewalls, how they work and what kinds of threats they can protect you from.
There are several types of firewalls that have developed over the years, becoming progressively more complex and taking more parameters into consideration when determining whether traffic should be allowed to pass. Firewalls started off as packet filters, but the newest do much much more.
These firewalls act as a gateway between end users who request data and the source of that data. Host devices connect to the proxy, and the proxy makes a separate connection to the source of the data. In response, source devices make connections to the proxy, and the proxy make a separate connection to the host device. Before passing on packets to a destination address, the proxy can filter them to enforce policies and mask the location of the recipient’s device, but also to protect the recipient’s device and network.
Web application firewalls sit logically between servers that support Web applications and the internet, protecting them from specific HTML attacks such as cross-site scripting, SQL injection and others. They can be hardware- or cloud-based or they can be baked into applications themselves to determine whether each client trying to reach the server should be allowed access.