Skip to main contentSkip to main content
    Back to Glossary
    security
    2 min read

    Firewall

    A firewall is a network security device that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

    Firewalls are fundamental security controls that act as barriers between trusted and untrusted networks.

    Types of firewalls: - Packet Filtering: Examines packet headers (IP, port) - Stateful Inspection: Tracks connection state - Application Layer (WAF): Inspects application-level traffic - Next-Generation (NGFW): Combines multiple functions

    Deployment models: - Network firewalls (perimeter) - Host-based firewalls (on device) - Cloud firewalls (AWS Security Groups, Azure NSGs) - Web Application Firewalls (WAF)

    Key firewall principles: - Default deny (block all, allow specific) - Least privilege for network access - Regular rule review and cleanup - Logging and monitoring enabled

    Why It Matters

    Firewalls remain the foundational network security control, but in cloud environments, traditional perimeter firewalls are replaced by security groups, network ACLs, and cloud-native firewalls. Misconfigured firewall rules—particularly overly permissive inbound rules—are a leading cause of cloud breaches. Regular firewall rule reviews and a default-deny posture are essential for maintaining a secure network boundary.

    Key Points

    First line of defense for network security
    Implements default deny policy
    Cloud security groups are modern firewalls
    WAFs protect web applications specifically
    Rules should be regularly reviewed

    Applicable Compliance Frameworks

    SOC 2ISO 27001PCI DSSHIPAA

    Related Terms

    Network Segmentation

    Network segmentation divides a network into smaller subnetworks, isolating systems and limiting lateral movement if an attacker compromises one segment.

    Web Application Firewall (WAF)

    A WAF is a security solution that monitors, filters, and blocks HTTP traffic to and from a web application based on a set of rules to protect against web attacks.

    Zero Trust

    Zero Trust is a security model that requires strict identity verification for every person and device, regardless of network location.

    Frequently Asked Questions

    Is a firewall enough for security?

    No. Firewalls are essential but just one layer. Defense in depth requires multiple controls including EDR, IAM, and encryption.

    What is the difference between a firewall and a WAF?

    Traditional firewalls inspect network-level traffic (IP/port). WAFs specifically protect web applications by inspecting HTTP requests for attacks like SQL injection.

    Related Services & Resources

    Service

    Vanta Implementation

    Expert Vanta deployment with 80+ integrations configured in 4-6 weeks

    Learn more
    Service

    Drata Implementation

    Full Drata setup with automated evidence collection and control mapping

    Learn more
    Standard

    GDPR Compliance

    EU data protection and privacy regulations

    Learn more
    Standard

    ISO 9001 Certification

    Quality management system standards

    Learn more
    Resource

    SOC 2 Complete Guide

    Everything you need to know about achieving SOC 2 compliance

    Learn more
    Resource

    HIPAA Checklist

    Comprehensive checklist for HIPAA compliance requirements

    Learn more

    Need Help with Firewall?

    Our experts can help you understand and implement the right controls for your organization.

    Talk to an ExpertBrowse All Terms