Firewall software is typically designed to prevent unauthorized access to a personal computer. A secondary function of most firewall software is to block unauthorized programs on a computer from accessing the Internet. They can typically be configured to treat traffic within a home or business network differently from traffic that involves the Internet. Some operating systems come equipped with firewalls, while other firewalls are available for purchase or as free software. It is often possible to configure a firewall to allow data to pass through particular ports, which is sometimes necessary for the proper operation of certain programs or games.
While firewalls can be either software or hardware based, many home users will tend to have firewall software. If a router is used it may also function as a firewall, in that routers can typically be configured to ignore certain types of traffic or packets sent to incorrect ports. Firewall software may be included with an operating system or obtained either alone or as part of a security suite. Typical software security packages may contain an antivirus program, a firewall, and other forms of malware protection.
Some common types of firewall software act as packet filters, only allowing certain types of traffic that are directed at the correct ports to pass through. This can allow Internet browsers, email programs, games, and other types of software to operate properly while also protecting the computer from malicious traffic. A firewall can be designed to expect certain types of packets to be directed at common ports and to ignore all other traffic. Custom configurations can either tighten the protection or allow more types of traffic through as needed for various applications.
Proxy servers are another type of software that can function as a firewall. A proxy server can allow the user to direct all incoming or outgoing traffic through a remote machine, masking his location or protecting his local computer from attacks. If a computer that is using a proxy server is targeted for external attack, the malicious traffic will typically not be able to reach it.
Most firewall software is able to differentiate between local network and Internet traffic. Firewall software will sometimes have the option to mark local traffic as friendly or trusted, which can subject it to a different set of filtering rules than traffic that originates from or is directed towards the Internet. This can allow for easier file and resource sharing over a home or business network and still protect the local computers from external threats.