What is Firewall Software? – Check Point Software

Firewall software is also available in firewall distributions that can be deployed on dedicated hardware, but for this discussion, we differentiate a software firewall from a hardware firewall in terms of how the firewall is deployed, i.e. on-host vs as a dedicated network device.

The two main ways to deploy a firewall are as firewall software running as an application on a host or as a hardware firewall running on a dedicated network device. Firewall software is widely used on personal and company laptops running Windows, macOS, and other Unix-like operating systems.

Mục lục bài viết

How Does Firewall Software Work?

In addition to Windows, macOS, and Linux software firewalls, firewalls can also be found embedded on IoT (Internet of Things) devices, especially those that are Linux based and use the iptables utility.

 

When firewall software is installed on a host, such as Windows, it can make granular network access decisions down to the application level. For instance, a web server application may be allowed to receive inbound connections on the standard TCP ports for HTTP traffic: ports 80 (HTTP) and 443 (HTTPS).

 

Only select services needed for normal network operations will be allowed through the firewall, and policy can be set based on profiles. For example, a domain profile may be for connections to an organization domain controller, a private profile for when connected at home, and a public profile for when connected to a public and unprotected network like Wi-Fi at the local coffee shop.

 

Security policy rules are typically pre-defined for each profile and can be customized if needed. By default, all outbound connections are allowed. Because of the number of devices, managing firewall software policy centrally will be difficult if this functionality isn’t included in the design of the product.