You've seen "Windows Firewall" pop up, or toggled a firewall setting on your router, but what is it actually doing? A firewall is a gatekeeper for network traffic — it decides which connections are allowed and which are blocked. This guide explains what a firewall is, the main types, what it genuinely protects, and the common myths about what it can't do.
What a firewall is
A firewall is a security system — software, hardware, or both — that monitors network traffic and allows or blocks it based on rules. It sits between a trusted side (your device or home network) and an untrusted one (the internet), stopping unauthorized connections while letting legitimate traffic through.
You already use several: your OS has one, your router has one, and businesses run dedicated appliances. It's a foundational layer that controls which connections are permitted.
The main types
By technique:
- Packet-filtering — checks each packet against rules (address, port, protocol).
- Stateful — tracks connection state and allows return traffic for sessions you started.
- Application-layer / next-gen (NGFW) — inspects content and can block specific apps or threats.
By location:
- Host-based — runs on one device (Windows/macOS firewall).
- Network — protects a whole network at the router or an appliance.
Most setups combine a network firewall with host firewalls on each device.
What it protects against
A firewall is a gatekeeper for connections:
- Blocks unsolicited inbound attempts — port scans, attackers reaching for a service.
- Can restrict which programs on your device reach the internet.
- Enforces rules like blocking ports or destinations.
On a home router, it's why random machines on the internet can't directly connect to your devices. (For how connections actually find your devices, see what is DNS.)
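The difference between the packet-filtering and stateful types listed earlier, and why unsolicited inbound attempts get dropped, shown as an added example (not part of the original guide). The addresses, ports, class names and the 192.168.1.x "trusted" network are constructed assumptions for illustration.

```python
# Added illustration: toy packet-filtering vs. stateful firewall (constructed data).
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

LAN_PREFIX = "192.168.1."  # assumed trusted home network

def is_inside(addr):
    return addr.startswith(LAN_PREFIX)

class PacketFilter:
    """Stateless: each packet is judged alone against allowed inbound ports."""
    def __init__(self, allowed_inbound_ports=()):
        self.allowed_inbound_ports = set(allowed_inbound_ports)

    def allow(self, pkt):
        if is_inside(pkt.src):          # outbound from the trusted side
            return True
        return pkt.dport in self.allowed_inbound_ports

class StatefulFirewall(PacketFilter):
    """Also remembers sessions started from inside and admits their replies."""
    def __init__(self, allowed_inbound_ports=()):
        super().__init__(allowed_inbound_ports)
        self.sessions = set()

    def allow(self, pkt):
        if is_inside(pkt.src):
            # Record the flow so the matching reply can come back in.
            self.sessions.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        reply_of = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return reply_of in self.sessions or super().allow(pkt)

def demo():
    out = Packet("192.168.1.10", 50000, "203.0.113.5", 443)    # laptop -> web server
    reply = Packet("203.0.113.5", 443, "192.168.1.10", 50000)  # server's answer
    probe = Packet("198.51.100.7", 40000, "192.168.1.10", 22)  # unsolicited inbound
    results = {}
    for name, fw in (("packet_filter", PacketFilter()), ("stateful", StatefulFirewall())):
        results[name] = [fw.allow(out), fw.allow(reply), fw.allow(probe)]
    return results

if __name__ == "__main__":
    print(demo())
```

The stateless filter drops the server's reply because no inbound rule covers port 50000, while the stateful one admits it only because the laptop opened that session; both refuse the unsolicited probe.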
What it can't do (the myths)
A firewall is widely overestimated. It doesn't:
- Encrypt your traffic — anyone in between can still read unencrypted data. Encrypting it is a VPN's job.
- Hide your IP or location.
- Stop malware you run yourself, or phishing that tricks you — that traffic looks legitimate.
- Protect a connection it's set to allow.
A firewall governs what connects, not what's inside the traffic it permits.
Firewall + VPN: complementary
They solve different problems, so use both. The firewall refuses unwanted connections (great against an attacker probing an open port). The VPN encrypts your traffic and hides your IP from the networks and sites you use (great on untrusted Wi-Fi — see public Wi-Fi risks). Neither replaces the other.
The bottom line
A firewall is a rule-based gatekeeper that allows or blocks network connections — built into your OS and router, essential for keeping unsolicited traffic out. But it's one layer: it doesn't encrypt, hide your IP, or stop malware and phishing you let through. Pair it with a VPN for encryption and IP privacy, plus anti-malware and good habits, for real defence in depth.
Editorial guide based on how firewalls work (packet-filtering, stateful, NGFW; host vs network) and their documented limits versus VPNs and anti-malware. Commercial links carry the rel="sponsored nofollow" attribute; an affiliate commission may apply at no extra cost to you.