From a functional point of view, a firewall is a kind of filter that controls data traffic and blocks dangerous or unwanted transmissions according to a set of specific rules . Most firewalls have standard rules to which the end user can add other customized ones, according to their needs. As we will see in the next section, there are various types of firewalls, each of which analyzes certain characteristics of data transmissions.
The firewall is placed between the external network , which includes the Internet, and the internal network of the company, home or simply the end user computer. From a theoretical point of view, the internal network is considered known, safe, reliable and protected, while the external one is the presumed source of potential threats, as on the whole it is unknown, insecure and untrusted.
Most firewalls use one of these two general rule enforcement criteria:
Default-deny : by default only what is explicitly authorized is allowed, while the rest is prohibited.
Default-allow : by default only what is explicitly prohibited is blocked, the rest is allowed.
The first criterion is the most used because it guarantees greater safety and greater precision in defining the rules. It is for this reason that, the first time you start an Internet-connected application on Windows, the operating system shows you a message asking you to authorize or block its connection. However, the second criterion allows for easier and faster configuration of the rules. On Windows it can be set manually, but it is not recommended.
Read More: configure cisco firewall