If you've heard anything about computer security, you have surely heard the term "firewall". Security experts have warned, time and time again, "make sure your computer's firewall is turned on." So what is a firewall and why should you care what it is?
In a computer context, a firewall is something that blocks communication between computers on a network. So how can a firewall help you? The answer lies in the definition of a network.
Two or more computers that communicate and share information are deemed a network. Networks allow the sharing of resources between computers. Shared resources could include physical devices, like printers, hard drives (disk space), scanners, etc., or could include intangible, electronic resources, like files (typed documents, pictures, etc.), e-mail, web pages, databases and other forms of information.
The best example of a network is the Internet, which spans the entire globe and contains millions of computers. Each of these computers is indirectly connected to the others via copper phone wires, coaxial & fiber-optic cables, satellite & radio waves or other means. Regardless, each of these computers must speak a common language for any successful communication to take place.
For example, if two individuals participate in a phone conversation, they are sharing information (a resource). One could be using a cell phone and the other could be on a rotary phone. Either way, if one is speaking English and the other is speaking French, communication cannot take place. Both must be speaking the same language for successful communication to occur.
Likewise, computers must speak the same language, or protocol, regardless of the medium that physically connects them. To a computer, a protocol is more than a language, however. It is also a set of rules that determine how communications are conducted. On the Internet, computers must use the "TCP/IP" protocol. TCP/IP stands for "Transmission Control Protocol / Internet Protocol." TCP/IP, for the most part, was developed by the U.S. Department of Defense for use in military networks. It was later adopted as the protocol of choice for the Internet.
TCP/IP allows information to be transmitted and routed between the millions of computers on the Internet. To do this, it requires that each computer has a unique address, often dubbed an "IP address". Typically, your computer acquires this address automatically when it connects to your Internet service provider (ISP).
TCP/IP also requires that your computer use something called ports in its communication process. Ports are numbered, and are a sort of channel. The channel that is used depends on the type of communication that is needed.
Fundamentally, the process is similar to that of a post office. As mail arrives, it is sorted and placed into the appropriate PO boxes, based upon who the mail is intended for. If mail is placed in the wrong box, it won't be delivered to the intended recipient.
All e-mail communications, for example, take place using several ports reserved for e-mail. Web-browsing requires the use of other ports. These ports are pre-defined based on industry standards. All computers on the Internet must adhere to these standards for proper communication to take place.
However, most people forget that communication on the Internet is bi-directional, which means that computers from all over the world can request information from your computer as easily as your computer can request information from them.
This is where your firewall comes in handy. Without a firewall, all the open ("listening") ports on your computer are available to virtually anyone on the Internet. Without protection, it is possible for information to be "fetched" from your computer without your knowledge. A firewall can be configured to block undesired incoming traffic, while allowing acceptable outgoing traffic.
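To see which ports on a Linux computer are listening, and whether they accept connections from the network or only from the machine itself, the short Python script below reads the kernel's table of TCP sockets. It is an added example, not part of the original article; the sample table is constructed, and the address decoding assumes a little-endian host (a typical PC).

```python
import ipaddress

# Constructed sample in the layout of Linux's /proc/net/tcp (not from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20002
   2: 00000000:01BD 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20003
   3: 0A00A8C0:C350 2200A8C0:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 20004
"""

LISTEN = "0A"  # TCP state code the kernel uses for a listening socket


def decode_endpoint(field):
    """Turn 'HEXIP:HEXPORT' into (IPv4Address, port); assumes a little-endian host."""
    hex_ip, hex_port = field.split(":")
    return ipaddress.IPv4Address(bytes.fromhex(hex_ip)[::-1]), int(hex_port, 16)


def listening_ports(table_text):
    """Return [(address, port, exposure)] for every listening TCP socket."""
    found = []
    for line in table_text.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 4 or cols[3] != LISTEN:
            continue  # established or closing connections are not open ports
        addr, port = decode_endpoint(cols[1])
        # A socket bound to 127.x.x.x only answers programs on this machine;
        # one bound to 0.0.0.0 answers on every network interface.
        exposure = "local only" if addr.is_loopback else "reachable from the network"
        found.append((str(addr), port, exposure))
    return sorted(found, key=lambda row: row[1])


if __name__ == "__main__":
    # To audit a real Linux machine, pass open("/proc/net/tcp").read() instead.
    for addr, port, exposure in listening_ports(SAMPLE):
        print(f"{addr:<12} port {port:<6} {exposure}")
```

The ports reported as reachable from the network are the ones a firewall's incoming rules decide about; the outgoing connection in the last sample row is not a listening port and is left out.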
Part 2 of this series will cover additional information about firewalls, including some useful tips and tricks.
Have comments or suggestions for a weekly Tech Tips article? Send an email to firstname.lastname@example.org.