What do we actually mean when we use the term "Firewall" ?
The term “firewall”, is often misunderstood. It is used widely to describe any solution that sits between your network and the outside world. If you take it at face value, a firewall should act as a protective shield at the gateway to your network – one that will prevent potentially harmful material from getting onto your systems and causing problems.
But while that sounds good, solutions that are sold as firewalls are not always that effective at keeping cyberattacks out. Many have quite basic functionality. They will block certain types of traffic and deny access to packets of data that are identified as being suspect or containing malicious content. Other traffic will be allowed to pass through.
With these basic firewalls. the user is often left to set-up the rules for blocking, allowing, or denying traffic types themselves – and without having specialist security knowledge, it’s easy to get that wrong. You may end up blocking out lots of material that’s perfectly safe – messages that you really would want to get through. Or setting the bar too low and allowing potentially harmful material to get onto your network.
But the real problem with simple firewalls is that they don’t really do anything else except block, deny or allow traffic. Cybercriminals found ways around this kind of basic protection a long time ago. Mostly by simply disguising their malware as something else. These days, the simplistic “block, allow, and drop” approach is not much of a defence against cyberattacks.