What is a Firewall?
A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules, forming a barrier between trusted internal networks and untrusted external networks.
What Is a Firewall?
A firewall is a security system that monitors and controls network traffic based on a set of predefined rules. It acts as a gatekeeper between your internal network and the outside world, deciding which traffic is allowed through and which is blocked.
The concept is straightforward: just as a physical wall stops fire from spreading between sections of a building, a network firewall stops unauthorised or malicious traffic from reaching your systems. Firewalls have been a fundamental part of network security since the early days of the internet, and they remain one of the most important defences any business can deploy.
How Firewalls Work
At their core, firewalls examine network packets -- the small chunks of data that flow across networks -- and compare them against a set of rules. These rules define what kinds of traffic are permitted and what should be blocked. For example, a rule might allow web traffic on port 443 but block all traffic on port 23 (which is used by the insecure Telnet protocol).
Modern firewalls go well beyond simple port-based filtering. They can inspect the content of network traffic, identify specific applications, detect suspicious patterns, and even decrypt encrypted traffic for inspection before re-encrypting it.
Types of Firewalls
- Packet-filtering firewalls are the simplest type. They examine each packet in isolation and allow or block it based on source address, destination address, port, and protocol. They are fast but limited in their ability to detect sophisticated attacks.
- Stateful inspection firewalls track the state of active connections and make decisions based on the context of the traffic, not just individual packets. This makes them significantly better at detecting unauthorised activity.
- Next-generation firewalls (NGFWs) combine traditional firewall capabilities with advanced features like application awareness, intrusion prevention, deep packet inspection, and threat intelligence feeds.
- Web application firewalls (WAFs) are specifically designed to protect web applications by filtering and monitoring HTTP/HTTPS traffic. They guard against attacks like SQL injection, cross-site scripting, and other web-specific threats.
- Cloud firewalls operate in cloud environments and provide the same protections as hardware firewalls but are delivered as a service, scaling automatically with your infrastructure.
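The difference between the first two types, as an added example that is not part of the original page: the same constructed traffic is run through a stateless packet filter and a stateful one. The addresses, the `INSIDE` prefix and all names are assumptions for illustration, and the connection tracking is simplified (no TCP state machine or timeouts).

```python
from dataclasses import dataclass

INSIDE = "10.0.0."  # assumed internal address prefix


@dataclass(frozen=True)
class Packet:  # constructed, simplified TCP packet
    src: str
    sport: int
    dst: str
    dport: int


def packet_filter(p):
    """Stateless: each packet is judged alone, on addresses and ports."""
    if p.src.startswith(INSIDE) and p.dport == 443:
        return "allow"  # outbound HTTPS
    if p.dst.startswith(INSIDE) and p.sport == 443:
        return "allow"  # looks like an HTTPS reply; cannot be verified
    return "deny"  # everything else, including Telnet on port 23


class StatefulFirewall:
    """Stateful: inbound traffic must match a connection opened from inside."""

    def __init__(self):
        self.connections = set()

    def check(self, p):
        if p.src.startswith(INSIDE) and p.dport == 443:
            self.connections.add((p.src, p.sport, p.dst, p.dport))
            return "allow"
        if (p.dst, p.dport, p.src, p.sport) in self.connections:
            return "allow"  # reply to a tracked connection
        return "deny"


# Constructed traffic: a normal exchange, an unsolicited inbound packet, Telnet.
syn = Packet("10.0.0.5", 50000, "203.0.113.10", 443)
reply = Packet("203.0.113.10", 443, "10.0.0.5", 50000)
unsolicited = Packet("198.51.100.7", 443, "10.0.0.9", 3389)
telnet = Packet("10.0.0.5", 50001, "203.0.113.10", 23)

if __name__ == "__main__":
    fw = StatefulFirewall()
    for p in (syn, reply, unsolicited, telnet):
        print(p, packet_filter(p), fw.check(p))
```

The stateless filter passes the unsolicited packet because it only sees a source port of 443; the stateful firewall denies it because no inside host opened that connection.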
Firewalls and PCI DSS
Firewalls are so important to payment security that they are the very first requirement of PCI DSS. Requirement 1 mandates that organisations install and maintain network security controls -- primarily firewalls -- to protect cardholder data. This includes:
- Establishing firewall rules that restrict traffic to and from the cardholder data environment
- Blocking all traffic that is not explicitly required for business purposes
- Reviewing firewall rules at least every six months
- Documenting the business justification for every permitted connection
The standard also requires that default passwords on firewall devices are changed, that firewall configurations are backed up, and that any changes to firewall rules follow a formal change management process.
Why Firewalls Matter for Businesses
For any business that handles payment data, firewalls are non-negotiable. They are the first line of defence against external threats, and a properly configured firewall can prevent the vast majority of automated attacks that scan the internet looking for vulnerable systems.
But firewalls are only as effective as their rules. A firewall with overly permissive rules -- or one that has not been updated to reflect changes in the network -- provides a false sense of security. Regular review and testing are essential to ensure that your firewall is actually doing its job.
Firewalls in Telephone Payment Environments
In contact centres and businesses that take phone payments, firewalls play a critical role in separating the telephony infrastructure from the payment processing environment and the broader corporate network. If your phone systems are VoIP-based, they are essentially computer systems on your network and need the same firewall protections as any other server.
Firewall rules in these environments need to be particularly careful about which systems can communicate with the payment gateway, which ports are open for VoIP traffic, and how agent workstations are isolated from sensitive payment systems. When card data is removed from the voice channel through DTMF suppression, the firewall configuration becomes simpler because there are fewer data flows to manage and protect.
Practical Considerations
- Document every firewall rule and the business reason behind it.
- Review rules regularly -- at least every six months, as PCI DSS requires.
- Remove rules that are no longer needed. Over time, firewalls accumulate rules that were added for temporary purposes and never removed.
- Test your firewall configuration from the outside, not just the inside. An external vulnerability scan can reveal gaps you might not notice from within.
- Keep firewall firmware and software up to date to protect against known vulnerabilities in the firewall itself.
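A rule review of the kind described in the PCI DSS list and the considerations above can be partly automated. The following is an added example, not part of the original page or any vendor tool: it audits a constructed rule set for missing justifications, any-to-any permits, expired temporary rules, overdue reviews and a missing default deny. The rule format, field names and the 183-day approximation of six months are assumptions.

```python
from datetime import date

# Constructed rule set for illustration; the field names are assumptions.
RULES = [
    {"id": 1, "action": "allow", "src": "10.20.0.0/24", "dst": "10.50.0.10", "port": 443,
     "why": "Agent desktops to payment gateway", "reviewed": date(2025, 3, 1), "expires": None},
    {"id": 2, "action": "allow", "src": "any", "dst": "any", "port": "any",
     "why": "", "reviewed": date(2024, 1, 15), "expires": None},
    {"id": 3, "action": "allow", "src": "192.0.2.44", "dst": "10.50.0.10", "port": 22,
     "why": "Vendor migration (temporary)", "reviewed": date(2025, 2, 1),
     "expires": date(2025, 2, 28)},
    {"id": 4, "action": "deny", "src": "any", "dst": "any", "port": "any",
     "why": "Default deny", "reviewed": date(2025, 3, 1), "expires": None},
]

REVIEW_MAX_DAYS = 183  # assumption: "every six months" approximated in days


def is_any_any(rule):
    return rule["src"] == rule["dst"] == rule["port"] == "any"


def audit(rules, today):
    """Return (rule id, finding) pairs; rule id is None for rule-set findings."""
    findings = []
    for r in rules:
        if r["action"] == "allow":
            if not r["why"].strip():
                findings.append((r["id"], "no business justification"))
            if is_any_any(r):
                findings.append((r["id"], "permits any-to-any on all ports"))
            if r["expires"] and r["expires"] < today:
                findings.append((r["id"], "temporary rule past expiry"))
        if (today - r["reviewed"]).days > REVIEW_MAX_DAYS:
            findings.append((r["id"], "review overdue"))
    # Traffic not explicitly required must be blocked: the last rule is deny-all.
    if not rules or rules[-1]["action"] != "deny" or not is_any_any(rules[-1]):
        findings.append((None, "no default-deny rule at end of rule set"))
    return findings


if __name__ == "__main__":
    for rule_id, finding in audit(RULES, date(2025, 6, 1)):
        print(rule_id, finding)
```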
Firewalls in the Modern Landscape
As businesses move to cloud infrastructure and remote working, the role of the firewall is evolving. Traditional perimeter firewalls assumed that everything inside the network was trusted and everything outside was not. Modern approaches, particularly zero trust architecture, challenge this assumption by treating every connection as potentially hostile regardless of its origin. Cloud-native firewalls, security groups, and network access control lists provide firewall functionality within cloud environments, while endpoint firewalls protect individual devices regardless of where they are connected. The principle remains the same -- control and monitor network traffic -- but the implementation has adapted to a world where the network perimeter is no longer a clear line.
Paytia's PCI DSS Level 1 certified platform incorporates firewalls as part of its thorough security approach. By processing phone payments through DTMF suppression, Paytia ensures card data is protected at every stage.
Frequently Asked Questions
What is a firewall?
A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules, forming a barrier between trusted internal networks and untrusted external networks.
Why are firewalls important for PCI DSS?
PCI DSS requires organisations to implement firewalls as part of their security controls for protecting cardholder data.
How does Paytia handle firewalls?
Paytia implements firewalls as part of its PCI DSS Level 1 certified infrastructure, ensuring all phone payments are processed securely.