A computer firewall is either hardware or software form, or a combination of both designed to protect a networked computer from any unauthorized access. It is considered as the first line of defense in protecting a computer against such breaches.  Firewall is the first program or process that receives and handles incoming network traffic, and it is the last to handle outgoing traffic which means that it is the Gateway of the network. One can use a firewall to protect their home network and family from offensive Web sites and potential hackers.

A router is a good example of a hardware device that often has a built-in firewall whereas software-based firewalls included in many operating systems also protect your computer against these threats. Software firewalls, also sometimes called personal firewalls, are designed to run on a single computer. One drawback to software firewalls is that if the underlying operating system is compromised, then the firewall can be compromised as well. The operating system underlying a hardware firewall is as basic as possible and very difficult to attack. Hardware firewalls run either on a specially engineered network appliance or on an optimized server dedicated to the task of running the firewall.

Methods to control traffic flowing in and out of the network by a Firewall:

• Packet filtering - Packets (small chunks of data) are analyzed against a set of filters. Packets that make it through the filters are sent to the requesting system and all others are discarded on the basis of a set of configurable rules, called policies.

-          Allowing or disallowing packets on the basis of the source IP address

-          Allowing or disallowing packets on the basis of their destination port

-          Allowing or disallowing packets according to protocol.

• Circuit Relay - It validates connections before allowing data to be exchanged according to configurable rules based upon:

-          destination IP address and/or port

-          source IP address and/or port

-          time of day

-          protocol

-          user

-          password

• Application Gateway - It is normally implemented on a separate computer on the network whose primary function is to provide proxy service. It can allow or disallow traffic according to very specific rules, for instance permitting some commands to a server but not others, limiting file access to certain types, varying rules according to authenticated users and so forth.

In Windows 7, Vista, XP and in Mac OS X 10.2 and later free software firewalls are built into the operating system. Third-party firewall packages also exist such as Zone Alarm, Tiny, Black Ice Protection, Norton Personal Firewall and McAfee Personal Firewall.