A computer that (a) acts as an interface between two networks (e.g., the Internet and an private network, respectively), and (b) regulates traffic between those networks for the purpose of protecting the internal network from electronic attacks originating from the external network. The firewall is capable of handling the following tasks: (a) isolating internal and external traffic (a bridge service); (b) making internal addresses invisible and directly unaccessible from outside and passing through authorized traffic after proper checking (a proxy service); (c) facilitating protected (encrypted) connections to cooperative parties over public networks (a tunneling service); (d) filtering outgoing traffic for security and network usage rules (filtering or monitoring service); (e) filtering incoming traffic for rogue data (viruses, spam, inappropriate data (filtering), or improper actions (port scanning, overload prevention, etc.; (f) blocking forbidden external services or addresses (blocking, “network nanny”-functions); (g) providing log-in services for authorized outside users and simulating the approved outside user as an inside user (proxy, log-in server); (h) caching network traffic (cache service); (i) converting between different network protocols on different protocol levels (bridge when handling lower level protocols, gateway when handling higher level protocols); (j) traffic diverting (e.g., for cost optimizing, accounting, network planning, monitoring); (k)providing consistent, open entry to the internal network (portal service) and facilitating public network address and connection sharing (proxy service). 2. [A] system designed to defend against unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. [INFOSEC-99] Synonyms front-end security filter, proxy.

firewall image