top of page
  • Instagram
  • Facebook
  • LinkedIn
  • YouTube
Search

What Is a Firewall? (No, Really — Let's Actually Explain It)

  • Jeremy Ross
  • 17 hours ago
  • 5 min read

Every business has one. Most businesses couldn't tell you what it does. And a surprising number of businesses have one that hasn't been looked at since it was installed four years ago by someone who has since left the company.

Let's fix the first problem. The other two we can talk about afterwards.

The One-Sentence Answer

A firewall monitors the traffic coming in and out of your network and blocks anything that looks like it shouldn't be there.

That's it. Everything else is detail.

The Slightly Longer Answer

Your business network is constantly exchanging data with the outside world. Emails coming in. Files being uploaded. Staff browsing the web. Cloud software syncing in the background. It's a lot of traffic, moving fast, in both directions.

Not all of it is welcome.

A firewall sits between your internal network and the internet and acts as the gatekeeper. Every piece of data that tries to get in or out gets checked against a set of rules. Does this match an approved pattern? Is this coming from a trusted source? Is this the kind of traffic that's supposed to be here?

Yes — it goes through. No — it gets stopped.

The rules are set by your IT team (or your IT provider, if you've got any sense). The firewall enforces them, around the clock, without needing a coffee break.

What Does a Firewall Do, Exactly?

Beyond the basics, modern firewalls do quite a lot more than wave traffic through or turn it away.

A next-generation firewall (NGFW) — which is what any serious business should be running — looks inside the traffic itself, not just at where it's coming from. It can identify specific applications, detect unusual behaviour patterns, block known malware signatures in real time, and pull in threat intelligence feeds that update as new attacks emerge.

There's also the web application firewall (WAF), which is a specific type worth knowing about. Where a standard business firewall protects your network perimeter, a WAF sits in front of your web-based applications — customer portals, ecommerce sites, online booking systems — and filters out malicious requests before they reach the application itself. If your business runs anything customer-facing on the web, a WAF is part of the picture.

And then there's the intrusion prevention system (IPS) — often built into next-generation firewalls — which goes one step further than just monitoring traffic. It actively analyses it for attack patterns and blocks threats in real time, before they can do anything.

Brands like SonicWall and WatchGuard build all of this into their hardware. It's the kind of firewall solutions that UK businesses actually rely on day to day.

What Kind of Threats Does a Firewall Stop?

The unglamorous truth about most cyber attacks is that they're not sophisticated. They're automated, opportunistic, and looking for the path of least resistance. A properly configured firewall removes a lot of those paths.

Here's what it's protecting you from on a typical Tuesday:

Unauthorised access. Bots and bad actors constantly scan the internet looking for open doors into business networks. A firewall closes those doors and doesn't answer when they knock.

Malware phoning home. When malware gets onto a device, it often tries to connect to an attacker's server to receive instructions or send data out. A firewall can spot and block that outbound connection before the damage is done.

Ransomware spread. If one device on your network gets infected, a firewall with the right rules can slow or stop the infection spreading to everything else. Not a cure, but a very useful circuit breaker.

Denial of service attacks. These flood your network with junk traffic to overwhelm it. Firewalls can detect the pattern and filter it out before it takes you offline.

Wireless threats. If your business has Wi-Fi — and it does — a wireless intrusion prevention system (WIPS) monitors your wireless network for rogue access points and unauthorised devices trying to get in through the back door. It's the wireless equivalent of everything above, and it's increasingly important as more devices connect over Wi-Fi.

Data leaving without permission. Outbound traffic monitoring means your firewall can flag unusual behaviour — like a large amount of data suddenly heading somewhere it's never been before.

Hardware Firewall, Software Firewall — What's the Difference?

You'll hear both terms. They're not the same thing.

A hardware firewall is a physical device — a box that sits on your network, usually between your broadband router and everything else. It protects the whole network. Every device behind it benefits. This is what businesses should have.

A software firewall runs on individual devices — the built-in Windows Defender firewall on your laptop, for example. It only protects that one device. Useful as a second layer. Not a substitute for the real thing.

Think of it this way: a hardware firewall is the fence around the building. A software firewall is the lock on each office door. You want both. You definitely need the fence.

What About Managed Firewall Services?

Setting up a firewall correctly is one thing. Keeping it that way is another.

Firewall rules need updating as your business changes. Firmware needs patching. Alerts need monitoring. Threat intelligence needs to stay current. Most businesses don't have the time or in-house expertise to do this properly — which is where managed firewall services come in.

With a managed firewall service, your provider handles the configuration, monitoring, patching, and ongoing management on your behalf. You get enterprise-grade firewall protection without needing a dedicated network security engineer on the payroll.

For small and medium businesses in particular, managed firewall solutions are often the most cost-effective way to stay properly protected — because the alternative is a firewall that's technically switched on but not actually doing its job.

"We Haven't Had a Problem Yet" Is Not a Security Strategy

We hear this a lot. And we understand it — if nothing's gone wrong, it's hard to justify spending money on something invisible.

But consider what "a problem" actually looks like when it arrives: a ransomware attack that encrypts every file on your network, a data breach that triggers an ICO investigation, or a prolonged outage that costs you days of productivity and the trust of your clients.

The firewall isn't an IT luxury. It's the thing standing between your business and a very bad week.

Talk to First Contact

We've been setting up and managing firewalls for businesses across Greater Manchester for over two decades. We work with SonicWall and WatchGuard, and our managed firewall security services mean we handle everything — configuration, monitoring, updates, and the 2am alerts you'd rather not deal with yourself.

If you're not sure whether your current setup is actually protecting you, let's find out together. No jargon, no pushy sales pitch — just a straight answer.

 
 
First Contact Logo.png

Interdata Ltd T/A First Contact
141a Bury New Road,
Whitefield,
Manchester,
M45 6AA

Limited Company Number: 4705700

VAT Number: 812637538

Tel: 0161 740 7400

Subscribe to our newsletter to stay updated with the latest insights, industry trends, and success stories from First Contact.

© 2025 Interdata Ltd T/A First Contact | Website by Red Saturn

Trusted Technology. Trusted Partners.

bottom of page