Internet is the large network of computers. What threats lie out there in the open? Nobody can tell. The best we can do is protect ourselves by closing all doors of entry. A firewall does just that plus a little bit more to safeguard your network. Let us see how.
Where does a Firewall fit in your network?
The best location of a firewall is right next to the modem which connects to the Internet. The figure below shows a typical network (LAN) connected to the internet via the modem.
The same network when fitted with a Firewall product looks as shown in the figure below. All traffic getting into your LAN and getting out of your LAN to the Internet will pass through this Firewall. Thus, allowing it to filter in real-time and allow/block certain content based on specified rules.
How does it protect from Internet Hackers?
In networking terms, every incoming connection from the Internet has to have a PORT of entry. This PORT is nothing but a specific number using which a Hacker gains entry into the network. A typical Firewall would block all PORTs of entry for all traffic so that the doors are closed for the hacker to gain entry. It creates a fireproof wall around the LAN so that no unknown connection is given an entry.
How does it protect against Viruses?
Files downloaded from the Internet act as the transport medium for Viruses/Malware. A Firewall with inbuilt Antivirus scans for viruses each and every file that is being downloaded from the Internet. The file if infected is straight away rejected at the Firewall itself thereby protecting the LAN PC from infection. Since the infected file never reaches the network computer there is no need of curing the file off the virus. Since the files are scanned in real-time, this feature, depending on the firewall hardware, may slow down Internet speed to a certain extent. Compared to the cost of getting the Virus out and cleaning your network once its already in, the resulting slow down (if any) due to virus scan is negligible and more than welcome.