How Does a Firewall Software Work?

A Firewall monitors and controls network traffic in and out of a computer. Firewalls use 3 types of filtering mechanisms:

Packet filtering:

The data is transmitted through packets of information. The basic duty of the Firewall is to analyse whether these packets of information are unwanted or suspected of malicious activity.

Proxy:

A proxy Firewall is on a dedicated computer and can appear to be the recipient and responder, shielding the IP Address of the computer actually doing the communication.
Comodo’s Personal Firewall and Internet Security do not offer this mechanism. However, Comodo’s TrustConnect is a proxy virtual private network (VPN) that will shield your IP address when using WiFi.

Stateful Inspection

Stateful inspection is a firewall technology that monitors the state of active connections and uses this information to determine which network packets to allow through the firewall. Stateful inspection is also known as dynamic packet filtering.

Firewall Rules:

Firewall rules are requirements that can be customized. Creating or disabling the filter rules can be done considering the following conditions

IP Addresses

Suspicious IP addresses can be blocked.

Domain names

Permit only specified domain names to be accessible over your systems and servers, such as .edu or .mil.

Protocols

The access level of protocols like SMTP, IP, ICMP, FTP, UDP, Telnet or SNMP.

Ports

You can close entry ports that may be susceptible to hackers or malicious program and disconnect the ports of servers that have been connected to the Internet.
This helps user or the administrator to maintain a disciplined flow of data.

Keyword

A Firewall can check on the flow of data to determine if it matches keywords used to block unwanted information flowing in.