A firewall is a network security device that monitors and controls traffic based on defined security rules. Firewalls enforce boundaries between trusted and untrusted networks, permitting authorized communications while blocking malicious or unauthorized traffic. They are fundamental to network security architecture.
Types include packet filtering (examines headers), stateful inspection (tracks connection state), application layer/proxy (inspects content), and next-generation firewalls (add intrusion prevention, application awareness, and threat intelligence). Placement includes perimeter, internal segments, and host-based implementations.
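To make the difference between the first two types concrete, here is an added example (not from the original page) that runs constructed packets through a header-only packet filter and a stateful filter. The internal prefix, the allow-HTTPS-outbound policy and the IP addresses are assumptions chosen for illustration.

```python
from dataclasses import dataclass

INTERNAL_PREFIX = "10.0.0."  # constructed: the protected internal network

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

def is_internal(ip: str) -> bool:
    return ip.startswith(INTERNAL_PREFIX)

def stateless_allow(pkt: Packet) -> bool:
    """Packet filter: every decision is made from this packet's headers alone."""
    # Rule 1: internal hosts may open HTTPS connections outbound.
    if is_internal(pkt.src) and pkt.dport == 443:
        return True
    # Rule 2: replies have to get back in, so the filter must accept any inbound
    # packet from port 443 to an ephemeral port. It cannot tell whether an
    # internal host actually asked for it.
    if is_internal(pkt.dst) and pkt.sport == 443 and pkt.dport >= 1024:
        return True
    return False

class StatefulFirewall:
    """Stateful inspection: remembers connections opened from the inside."""
    def __init__(self) -> None:
        self.table: set[tuple[str, int, str, int]] = set()

    def allow(self, pkt: Packet) -> bool:
        if is_internal(pkt.src) and pkt.dport == 443:
            self.table.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound traffic passes only if it is the reverse of a tracked connection.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.table

def compare() -> dict[str, tuple[bool, bool]]:
    """Run constructed packets through both filters; returns {name: (stateless, stateful)}."""
    fw = StatefulFirewall()
    packets = {  # constructed sample traffic, processed in this order
        "outbound_request": Packet("10.0.0.7", 51000, "203.0.113.5", 443),
        "legit_reply":      Packet("203.0.113.5", 443, "10.0.0.7", 51000),
        "unsolicited_443":  Packet("198.51.100.9", 443, "10.0.0.7", 40000),  # never requested
    }
    return {name: (stateless_allow(p), fw.allow(p)) for name, p in packets.items()}

if __name__ == "__main__":
    for name, (stateless, stateful) in compare().items():
        print(f"{name:18} stateless={stateless!s:5} stateful={stateful}")
```

The third packet shows the practical gap: the header-only filter admits any inbound packet that merely claims source port 443, while the stateful filter rejects it because no internal host opened that connection.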
CISSP Relevance
Domain 4 (Communication and Network Security) covers firewall architectures, types, and deployment strategies. Understand how different firewall types operate, their strengths and limitations, and where they fit in defense-in-depth architecture. Know concepts like DMZ, bastion hosts, and screened subnets.
NIST guidance on firewalls is in SP 800-41, Guidelines on Firewalls and Firewall Policy.
Related terms: Intrusion Detection System, Defense in Depth