Firewalls are often perceived as being network appliances that protect entire networks from malicious traffic originating from the Internet. However, firewalls can also run as a service on computers, protecting the operating system from malicious attacks, blocking harmful traffic while allowing users to send and receive secure, acceptable traffic.
Modern host based firewalls (firewalls installed and configured on a workstation, server, or other network connected device) include a large array of features that vary depending upon the operating system and firewall in use. Most modern operating systems, such as the current Windows and Linux variants, include a host based firewall as part of the operating system. One benefit of using host based firewalls is their ability to block all ingress traffic, which of course including malicious traffic, from entering the operating system.
Host based firewalls that feature deep packet inspection can also identify malicious payloads, such as malware, contained within the packets being received by the operating system, stopping the payload before it can install and cause damage to the operating system.
Firewalls can also be configured to allow desirable traffic, usually based upon service port or source address, so that the computer can host services that enable connectivity with friendly network hosts while at the same time blocking traffic from unknown or malicious network hosts.
Since firewalls are generally designed and configured to deny all traffic except for traffic deemed acceptable by the administrator, if not configured correctly a host based firewall can block network traffic that the computer should receive, disrupting activities such as file sharing and email communications which are essential in most cases.
Firewall configuration also tends to increase administrative burden if not well-managed. If users within an organization have access to firewall controls, they can inadvertently (or purposely) block IT staff remote administrative access to the operating system, creating a situation requiring time-consuming in person IT staff visits. Similarly, incorrectly configured firewalls may block egress traffic the user needs in order to perform their work. This again creates a condition where work time is lost while a computer administrator determines and resolves the configuration problem.
Host based firewalls are essential to securing networks and systems. Contact us to optimize your host based firewalls for both security and performance.