I have a firewall – am I good?

Firewalls are one of the many components defending our networks and computers from unwanted connections. But how do they help keep us secure? Imagine a firewall as a building with many doors. Each door controls access to a particular service on your computer.  For example, hosting a web page or running a database on your computer would be a legitimate service.  If you would like people outside the building to view your web page, you would need to open the door controlling access to that particular service.  Conversely, preventing unwanted outside connections to your database means you need to shut the door controlling access to that service. This type of control prevents people from just wandering in and connecting to any open service on your computer.  Keep in mind that people inside the building can come and go as they please.

So how do the bad guys manage to get in if the doors are closed?

  • Laptops or other portable devices coming into the house may carry infections that can open a door from the inside
  • Unauthorized Wi-Fi access points can open a backdoor into the house
  • Malicious code in a smartphone app can be hidden in legitimate services that can execute when brought back inside the house
  • Unpatched services that have an open door can be exploited to allow additional levels of access
  • People opening their email inside the house can release a virus infecting them or the rest of the building

To make it more difficult for hackers from gaining access, additional defense mechanisms such as anti-virus, anti-spam, and patching your computers are used in conjunction with the firewalls.  Employing various technologies such as these is known as Defense in Depth, and it helps to head off the intruders whenever they manage to find an opening.

So while firewalls may be considered our first line of defense, they are by no means our only tool in the security toolbox to help keep us secure.