What is a Firewall?

A firewall is a security system that monitors and controls network traffic based on predefined rules. It acts as a barrier between trusted internal networks and untrusted external ones, inspecting incoming and outgoing packets to enforce an organization's security policy.

Types of firewalls

  • Packet-filtering firewalls — inspect individual packets against a set of rules based on IP addresses, ports, and protocols. Simple and fast but limited in context.
  • Stateful inspection firewalls — track the state of active connections and make decisions based on the context of traffic, not just individual packets.
  • Next-generation firewalls (NGFW) — combine traditional firewall capabilities with intrusion prevention, application awareness, and deep packet inspection.
  • Web application firewalls (WAF) — specifically protect web applications by filtering and monitoring HTTP traffic between the application and the internet.
  • Cloud firewalls — delivered as a service to protect cloud-based infrastructure and applications.

Firewalls in compliance frameworks

Firewalls are a foundational control across compliance standards:

  • PCI DSS — Requirement 1 mandates installing and maintaining firewall configurations to protect cardholder data.
  • ISO 27001 — Network security controls (A.8.20, A.8.21) require network segmentation and filtering.
  • NIST CSF — PR.AC and PR.PT cover network protection and access enforcement.
  • SOC 2 — CC6.6 requires restricting access through network security controls.

Best practices

  • Define explicit allow and deny rules rather than relying on default configurations
  • Segment networks to limit lateral movement in the event of a breach
  • Review and update firewall rules regularly to remove stale or overly permissive entries
  • Log all firewall activity and monitor logs for anomalies
  • Test firewall configurations as part of regular penetration testing
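To make the difference between packet filtering and stateful inspection concrete, and to show the explicit allow/deny with default-deny practice above, here is a small simulation added for this entry (it is not code from episki or any firewall product). The Packet, Rule, rule set and addresses are constructed for illustration; the stateful firewall tracks connections by 5-tuple and only admits unsolicited packets that a rule explicitly allows.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"
    syn: bool = False  # True for the first packet of a new TCP connection

@dataclass(frozen=True)
class Rule:
    action: str                 # "allow" or "deny"
    src: str                    # source CIDR
    dst: str                    # destination CIDR
    dport: Optional[int] = None # None matches any destination port
    proto: str = "tcp"

# Constructed policy: internal hosts may open HTTPS connections anywhere.
RULES: List[Rule] = [Rule("allow", "10.0.0.0/24", "0.0.0.0/0", 443)]

def rule_matches(rule: Rule, pkt: Packet) -> bool:
    return (rule.proto == pkt.proto
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and (rule.dport is None or rule.dport == pkt.dport))

def stateless_decision(rules: List[Rule], pkt: Packet) -> str:
    """Packet filter: first matching rule wins, implicit default deny."""
    for rule in rules:
        if rule_matches(rule, pkt):
            return rule.action
    return "deny"

class StatefulFirewall:
    """Stateful inspection: packets of a tracked connection pass, others need a rule."""
    def __init__(self, rules: List[Rule]) -> None:
        self.rules = rules
        self.table: Set[Tuple[str, int, str, int, str]] = set()  # established flows

    def decide(self, pkt: Packet) -> str:
        flow = (pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto)
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto)
        if flow in self.table or reverse in self.table:
            return "allow"          # reply or continuation of an allowed connection
        if not pkt.syn:
            return "deny"           # mid-stream packet with no connection: unsolicited
        action = stateless_decision(self.rules, pkt)
        if action == "allow":
            self.table.add(flow)    # remember the connection so replies can return
        return action
```

The stateless filter denies the server's legitimate reply because no rule covers inbound traffic, whereas the stateful firewall admits it from its connection table while still denying an unsolicited inbound packet from the same port.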

How episki helps

episki tracks firewall-related controls, links them to evidence like configuration exports and rule reviews, and sends reminders when periodic reviews are due. Learn more on our compliance platform.
