The word “firewall” gets thrown around constantly in cybersecurity discussions, but what does it actually do? And how is the firewall on your laptop different from the firewall in your router? This guide explains firewalls clearly, from basic concepts to practical settings you should check today.
What Is a Firewall?
A firewall is a security system that monitors and controls incoming and outgoing network traffic based on predetermined rules. It sits between a trusted network (your device or home network) and an untrusted one (the internet) and decides which connections to allow and which to block.
The name comes from the physical firewall in buildings — a barrier designed to stop fire from spreading from one area to another. A network firewall does the same conceptually: it stops malicious traffic from spreading into your protected network.
Types of Firewalls
Packet Filtering Firewall
The simplest type. It examines each packet independently against a ruleset: source IP, destination IP, port, and protocol. It is fast and efficient but limited, because it doesn’t understand the context of a connection.
Stateful Inspection Firewall
This type tracks the state of network connections, so it knows whether a packet is part of an established, legitimate connection or an unsolicited attempt to initiate one. This is what your router’s built-in firewall uses: it allows responses to your outgoing requests but blocks unsolicited inbound connections.
Application-Layer Firewall
This type understands specific application protocols (HTTP, FTP, DNS) and can filter based on content, not just packet headers. It can block specific types of web content or detect protocol abuse. It is used in enterprise security products and next-generation firewalls (NGFW).
Software Firewall (Host-Based)
This type runs on your individual device (Windows Defender Firewall, macOS Application Firewall). It controls which applications can send and receive traffic on that specific device. It complements your router’s firewall rather than replacing it.
How Your Home Router’s Firewall Works
Your home router includes a stateful firewall that works together with NAT (Network Address Translation). This means:
- All outbound connections from your devices pass through the router freely
- The router tracks which internal device made each outbound connection
- Response packets matching a tracked connection are allowed back in
- Unsolicited inbound connections — anything you didn’t initiate — are blocked by default
This is why port forwarding is necessary for hosting servers — you need to explicitly create a rule to allow specific inbound connections, because the default is to block them all.
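The router behaviour described above, modelled as a small Python sketch. This is an added example, not code from any router or from this guide; the HomeRouter class, its matching of replies on the full address-and-port tuple, and the documentation-range IP addresses are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    proto: str
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

@dataclass
class HomeRouter:
    """Toy model of a NAT router with stateful inspection (hypothetical, not real router code)."""
    wan_ip: str
    port_forwards: dict = field(default_factory=dict)  # (proto, wan_port) -> (lan_ip, lan_port)
    conntrack: dict = field(default_factory=dict)      # (proto, wan_port, remote_ip, remote_port) -> LAN host
    next_port: int = 40000

    def outbound(self, pkt):
        """LAN -> internet: always allowed; remember the flow and rewrite the source address."""
        wan_port, self.next_port = self.next_port, self.next_port + 1
        self.conntrack[(pkt.proto, wan_port, pkt.dst_ip, pkt.dst_port)] = (pkt.src_ip, pkt.src_port)
        return Packet(pkt.proto, self.wan_ip, wan_port, pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt):
        """Internet -> WAN: return (verdict, LAN destination or None)."""
        key = (pkt.proto, pkt.dst_port, pkt.src_ip, pkt.src_port)
        if key in self.conntrack:            # reply to a connection a LAN device started
            return "ALLOW established", self.conntrack[key]
        fwd = self.port_forwards.get((pkt.proto, pkt.dst_port))
        if fwd:                              # explicit rule created by the owner
            return "ALLOW port-forward", fwd
        return "DROP unsolicited", None      # default for everything else

def demo():
    # Constructed sample traffic; all addresses come from documentation ranges.
    router = HomeRouter(wan_ip="203.0.113.10")
    sent = router.outbound(Packet("tcp", "192.168.1.20", 51000, "198.51.100.7", 443))
    reply = Packet("tcp", "198.51.100.7", 443, sent.src_ip, sent.src_port)
    stranger = Packet("tcp", "198.51.100.99", 443, sent.src_ip, sent.src_port)  # same port, other host
    probe = Packet("tcp", "198.51.100.99", 55555, router.wan_ip, 8080)
    results = [router.inbound(reply), router.inbound(stranger), router.inbound(probe)]
    router.port_forwards[("tcp", 8080)] = ("192.168.1.50", 80)  # owner adds a port forward
    results.append(router.inbound(probe))
    return results

if __name__ == "__main__":
    for verdict, dest in demo():
        print(verdict, dest)
```

The same probe to port 8080 is dropped before the port-forward rule exists and delivered to the LAN server afterwards, which is why every forwarded port should be one you intend to expose.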
Check which ports are currently exposed through your firewall using the ExamineIP Port Scanner.
How Windows Firewall Works
Windows Defender Firewall operates at the individual device level and works alongside your router’s firewall. Key things to know:
- It controls which applications can accept inbound connections
- When you install a new application that needs network access, Windows asks whether to allow it through the firewall
- You can view and modify rules in Windows Defender Firewall with Advanced Security (search for it in the Start menu)
- It has separate profiles for Domain, Private, and Public networks — the Public profile is more restrictive, which is appropriate for coffee shop Wi-Fi
Firewall vs VPN: What’s the Difference?
A firewall controls which connections are allowed based on rules. A VPN encrypts all your traffic and routes it through a different server, hiding your activity from your ISP and your IP address from the sites you visit.
They serve different purposes and work together: a firewall blocks unauthorized access to your network; a VPN protects your privacy on the connections you choose to make.
Signs Your Firewall May Be Blocking Something Legitimate
- An application can’t connect to the internet after you install it
- ERR_CONNECTION_REFUSED errors on specific sites or services
- Games show “Strict NAT” or can’t connect to multiplayer servers
- A newly installed server isn’t reachable from other devices
In these cases, check Windows Firewall’s blocked applications list or add a specific allow rule for the port or application.
Does a Firewall Protect Against Everything?
No. A firewall protects against unauthorized inbound connections and can block outbound connections to known malicious IPs. It does not protect against:
- Malware that arrives via email attachments or downloads (use antivirus)
- Phishing attacks (user education and browser filters)
- Attacks that arrive through allowed ports (e.g., a web server exploit on port 443)
- Insider threats or attacks from devices already on your network
A complete security posture includes a firewall, antivirus, secure network configuration, and a VPN for protecting traffic in transit.
Check what your firewall exposes to the internet
Use the Port Scanner to see exactly which ports are visible from the outside. Close anything you don’t intentionally have open.