For a stronger and more secure network, look no further than a firewall. Firewalls are commonly used to protect networks from cyber threats. They typically sit between a private network, such as a Wi-Fi, and a public network, such as the internet. When traffic from the public network tries to enter the private network, it will be checked by the firewall. The firewall will only allow the traffic to reach the public network if it passes a set of rules. While firewalls can use different methods to check traffic, many of them rely on packet filtering.

What Is a Packet-Filtering Firewall?

A packet-filtering firewall is a type of firewall that lives up to its namesake by checking, and thus filtering, traffic based on packets. Packets are structured information that provide details about traffic. When a user attempts to access your network, he or she will send a packet. Packet-filtering firewalls will check these packets to determine whether they should allow or prohibit users from accessing your network.

How Packet-Filtering Firewalls Work

Packet-filtering firewalls work on layer three of the Open Systems Intercommunications (OSI) model. In other words, they are network-level firewalls. Packet-filtering firewalls can either accept or discard packets. Accepting a packet means that the user will be able to access your network. If a packet-filtering firewall discards a packet, on the other hand, neither the packet nor the user will be able to access your network.

Like with most other firewalls, packet-filtering firewalls leverage a set of rules when checking packets. They’ll compare each traffic to a set of rules. If a packet doesn’t meet the criteria of the rules, it will be discarded.

Rules for packet-filtering firewalls may consist of the following:

  • Internet Protocol (IP) address
  • Netowkring protoco
  • Source port
  • Destination port
  • Inbound vs outbound

When to Use a Packet-Filtering Firewall

You should consider using a packet-filtering firewall if you have a private network that’s connected to a public network. Most private networks are, in fact, connected to a public network. As a result, they are susceptible to external cyber threats, including malicious packets. A packet-filtering firewall will allow you to secure your private network. Once deployed, it will scan all packets based on your specified rules. The packet-filtering firewall will only accept packets that pass these rules.

Packet-filtering firewalls can check both inbound and outbound packets. Inbound packets are those originating from an outside public network. Outbound packets, conversely, are those originating from your own private network. Whether you want to check inbound packets, outbound packets or both, you can use a packet-filtering firewall.