A firewall protects your local area network (LAN) — or even a single computer — against outside intrusion. Firewalls work as filters between the outside world and private networks, approving some types of traffic (such as when someone accesses a Web page) and blocking others (when unauthorized users attempt to access your network).

The term “firewall” doesn’t actually refer to any one device. A firewall could be either a piece of hardware or software, and more than one type of firewall can be used to provide extra network security.

There are two common types of firewalls:

  1. Packet-filtering firewalls. These firewalls apply predefined rules to filter the chunks of data, or packets, that pass through it. The filter accepts or rejects packets based on the originating computer’s network address or other characteristics. The packet filter might be a computer or part of a separate piece of hardware, such as a router.
  2. Proxy servers. Also known as gateways, a proxy server acts as a middleman that relays data between a network and the outside world. The proxy prevents outsiders from gathering information about computers inside a network. The proxy can also screen packets based on their application type (Web access or email, for example) or other identifying traits.

A firewall can also screen internal traffic on a network, separating different departments or branches of a large company. In some cases, a business will configure a proxy server to block employee access to certain types of Internet content, such as streaming audio or video.

If your home or business computer uses DSL, a cable modem, or some other type of always-on Internet connection, a firewall is extremely important. Some computer crackers make a hobby out of finding and breaking into these types of systems, and an unprotected computer is a sitting target for anyone who happens to guess your system’s IP address.

Fortunately, companies such as Symantec and others sell personal firewall software that installs quickly and easily on your computer and protects against intruders. Other firms make gateway routers — hardware that allows more than one computer to share a single Internet connection — that include built-in firewall software. This type of protection is relatively inexpensive, and it’s worth every penny you’ll pay to keep your computers safe.