Applications of a firewall

When will you see the term “firewall”?

The term “firewall” is commonly found in discussions about network security, IT infrastructure, and cyber security strategies. You’ll likely encounter it in company policies and news articles about cyber incidents. 

It’s unlikely you’ll have a security training module on firewalls themselves, as it’s up to the security team to monitor firewall activity, but the word may be thrown into some scenarios in your training. 

When will you use a firewall?

Your company likely already has a firewall set up, so if you are on a company device you are technically using one right now. This firewall is used to create a secure network zone and restrict access to any sensitive data your organization stores.

You can also install firewalls on your personal devices. Firewalls are often part of antivirus software packages and can help protect you from online threats such as malicious downloads. 

How do you detect an issue or breach with your firewall?

Again, it’s likely up to your security team to monitor your firewall. But, if you notice any suspicious activity on your network, ensure you report it directly to your security manager right away. 

On a personal device, you can set up alerts to notify you of any unusual activity on your network or schedule to regularly review the logs generated by your firewall that will reveal any unusual patterns in your network. 

Real-life case of a firewall breach 

The 2013 Target breach was one of the largest and most well-known data breaches of all time. Cyber criminals were able to steal 40 million credit and debit records and 70 million customer records. 

The attack began on a third-party vendor, which had a portal leading to Target’s network. This portal allowed cyber criminals to hop from the third-party vendor’s network into Target’s and steal millions of data. Had Target had a better firewall protecting its network from third-party vendors and unusual activity, this attack may have never happened or been detected earlier. 

Other terms to know

• Intrusion Detection System (IDS): A system that monitors network traffic for suspicious activity and issues alerts when potential threats are detected.
• VPN (Virtual Private Network): A service that encrypts your internet connection and hides your IP address, providing a secure connection between your device and the internet. 
• Antivirus Software: Software made to detect and destroy computer viruses. 

Firewalls are a critical part of any cybersecurity strategy, providing essential protection against unauthorized access and cyber threats. By understanding their applications, regularly monitoring them for unusual activity, and learning from past breaches, individuals and organizations can better safeguard their networks and data. As cyber threats continue to evolve, staying informed about firewall technology and practices remains vital for robust security.