Skip to main content
Home/Glossary/Firewall

Firewall

A security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

Security InfrastructureAlso called: "network firewall", "packet filter"

Firewalls act as barriers between trusted internal networks and untrusted external networks, filtering traffic to prevent unauthorized access and attacks.

Types of firewalls

  • Packet-filtering: Inspects packets against basic rules (IP, port, protocol).
  • Stateful inspection: Tracks connection states for context-aware filtering.
  • Application-layer: Deep packet inspection at the application level (Layer 7).
  • Next-generation (NGFW): Combines traditional filtering with IPS, malware detection, and application awareness.
  • Web application firewall (WAF): Protects web apps from HTTP-based attacks.

Why it matters

  • First line of defense against network-based attacks and unauthorized access.
  • Reduces attack surface by blocking unused ports and services.
  • Provides segmentation between network zones (DMZ, internal, external).
  • Required for compliance with PCI DSS, HIPAA, and other frameworks.

Implementation best practices

  • Deploy in layers: perimeter firewalls, internal segmentation, host-based firewalls.
  • Follow least-privilege principles: deny by default, allow only necessary traffic.
  • Regularly review and audit firewall rules to remove outdated entries.
  • Enable logging and monitoring for security event correlation.
  • Keep firmware updated and test rule changes in staging environments.

Related Tools

Related Articles

View all articles
📄

Grok vs Regex: What's the Difference and When to Use Each

Grok vs regex isn't a fight. Grok IS regex with a reusable naming layer for log parsing. Here is when to reach for each and how to convert between them.

Read article →
📄

Grok Pattern Examples for Common Log Formats (Nginx, Apache, Syslog, and More)

Copy-paste grok patterns for Nginx, Apache, syslog, Java, AWS ELB, HAProxy, Postgres, IIS, Docker and more — every one tested against a real sample log.

Read article →
📄

Zero Trust Access Compared: Cloudflare Access vs AWS Verified Access vs Azure Entra vs Google BeyondCorp

A deep technical comparison of Zero Trust Network Access platforms — Cloudflare Access, AWS Verified Access, Azure Entra Private Access, and Google BeyondCorp Enterprise — covering architecture, identity integration, device posture, pricing, and migration strategies.

Read article →
📄

DNS Infrastructure Compared: Cloudflare DNS vs Route 53 vs Azure DNS vs Google Cloud DNS

A deep technical comparison of managed DNS services from Cloudflare, AWS Route 53, Azure DNS, and Google Cloud DNS — covering architecture, performance, security, pricing, and strategic implications.

Read article →

Explore More Security Infrastructure

View all terms

Certificate Authority (CA)

A trusted entity that issues, validates, and revokes digital certificates used for secure communications.

Read more →

VPN (Virtual Private Network)

An encrypted network connection that creates a secure tunnel between a device and a remote network over the internet.

Read more →
Back to glossary