FIREWALL

A firewall is a hardware device or software application that sits between your computer and the Internet and blocks all Internet traffic from reaching your computer that you have not specifically requested. What this means is that if you browse to a web site, the firewall will allow the traffic from that web site to reach your computer and therefore yourself. On the other hand, if you did not request information from that web site, and the web site sent traffic to you, it would be denied from reaching your computer because you did not specifically ask for it.

Firewalls for the home user can either be a piece of hardware or a piece of software. The differences will be discussed below.

A Hardware Firewall is a device that sits between your Internet connection and the rest of the computers plugged into it. These firewalls usually come with a built in hub that allows you to connect multiple computers to it in order for them all to be able to share one Internet connection. These firewalls provide protection to all the computers connected to it using a technology called Network Address Translation, or NAT. This protection is performed by all the protected machines using private IP addresses, such as 192.168.1.X, that can not be reached via the Internet. The firewall then convert these internal IP addresses to the single public IP address that is assigned to the firewall. This makes it so that your hardware firewall accepts all incoming requests you asked for and then forwards them on to the requesting internal computer. Using this method, outside machines are never able to connect directly to your computers.

A Personal Firewall is a piece of software installed on each computer that needs to be protected. This software then filters all incoming, and sometimes outgoing traffic, and only allows only data that has been requested or explicitly allowed to pass through. Personal firewalls tend to be more feature rich than hardware versions, but they do not have the ability to allow you to share your Internet connection with multiple computers on the network.