What Firewalls Do (and don't do) to protect your business

What is a Firewall?

A firewall is a security system that monitors and controls incoming and outgoing network traffic. It acts as a digital barrier between your internal systems and the open internet, blocking unauthorized access while allowing legitimate communication.

A Brief History of Firewalls

Packet Filtering - The First Generation

Early firewalls were simple packet filters. They examined data packets based on predefined rules, such as IP address, port number, or protocol. While fast, they lacked awareness of the full context or connection state.

Stateful Firewalls - The Second Generation

Stateful firewalls added intelligence by tracking the “state” of active connections. They understood what a safe session looked like and could block traffic that didn’t match expected patterns.

Application Firewall - The Third Generation

Application firewalls began inspecting traffic at the application layer. They could block specific apps or services, helping businesses control internet usage and stop risky behavior.

New-Generation Firewalls (NGFW)

NGFWs combine packet inspection, state tracking, and app-level filtering with added features like intrusion prevention, threat intelligence, and even malware analysis.

Why Firewalls Alone Aren't Enough

Think of your firewall as your front door. It’s a great start, but you wouldn’t secure your entire home with just one lock. Firewalls don’t protect your endpoints, catch insider threats, or prevent phishing scams.

Many businesses fall into the trap of relying on firewalls as a complete solution, leading to a dangerous false sense of security.

5 Essential Tips to Improve Firewall Security

1. Use a dedicated Firewall—Not Just Your ISP

Your ISP’s all-in-one box might say it includes a firewall—but it’s often weak, outdated, and managed by someone else. Invest in a business-grade firewall where you control the settings.

2. Firewalls Are Not Everything

Firewalls don’t stop malware already on your devices or help during ransomware attacks. Use firewalls as one layer in a broader security strategy that includes endpoint protection, patching, and monitoring.

3. Control Outbound Traffic

Letting all outbound traffic flow freely is risky. Adversaries often upload stolen data or download malware after a phishing attack. Limit what your network can send out—it can stop an attacker in their tracks.

4. Change Default Settings Immediately

Many firewalls ship with default admin credentials like “admin/admin.” Attackers know this. Secure your firewall:

• Change default passwords
• Create a long emergency password and store it offline (ideally in a fireproof safe)
• Use a separate daily admin account

5. Patch Update Regularly

Firewall vulnerabilities are discovered constantly. As of this publication, 7 major firewall manufacturers have reported critical vulnerabilities that provide attackers with the ability to remotely access and control their firewalls. The most recent vulnerabilities have workarounds and/or patches that were released within days of the exploit discovery and announcement.

Always install firmware updates and security patches as soon as they’re released.  

Advanced Firewall Best Practices

• Limit services to only what’s needed
• Add a “deny all” rule at the end of your firewall rule set
• Use identity-based policy enforcement
• Don’t allow external remote management
• Send firewall logs to a SIEM platform
• Audit your firewall rules regularly
• Enforce role-based access control
• Use centralized firewall management, not on-device configuration

Final Thoughts

Firewalls are vital—but they’re just the start. Don’t let a false sense of security leave you exposed. Combine your firewall with layered protection strategies, employee awareness, and continuous monitoring to stay ahead of today’s threats.