If you are wondering what is a router firewall, here is a simple explanation.
A Router is like a doorway to the internet. It is a device that is used to connect to the external web network. A Firewall is like an armored security guard that protects various kinds of digital doorways.
The router’s job is primarily to route and direct packets of data from one network to another. On the other hand, a firewall is a security system that monitors incoming and outgoing traffic on your computer.
In simple words, a Firewall blocks or allows traffic based on a predefined set of conditions. But most importantly it is a barrier between the trusted internal network and suspicious outside networks.
The Need for a Router Firewall
In this age when computers hackers are dime a dozen and malicious programs abound, it is not just a safe practice but almost mandatory to have protection for your computer. This is done in the form of firewalls, antivirus programs and the like.
Firewalls are extremely important for security and it is considered the first line of defense in network security.
What is a Router Firewall?
Like we mentioned above, a firewall is a barrier between the internal and external networks. When you access the internet from your computer, you can be vulnerable. This can be in the form of malicious attacks via unsafe downloads or email attachments.
A well set up router firewall can detect unfriendly programs and block such traffic effectively even before it gets to your device. You can set up either a hardware firewall using your router or a software firewall or both on your network.
Your Router Can Function as a Hardware Firewall
Routers are advanced devices and can do much more than simple data routing. They create a barrier between your computer or network and the open internet. Your computer is protected from malicious bugs, viruses, and worms.
The router can follow a set of instructions and recognize malicious or bad requests from incoming traffic. It can also filter these bad requests and refuse their entry into the network.
The ability of the router to recognize and filter bad requests is based on the rules that the router administrator has specified. If the security norms are well-defined, the router will allow only the required services.
Or else it will block everything else. These features are why the router firewall is usually considered the first line of defense for your network.
Some of the rules you can specify on a router are:
1. Which network is the data coming from?
2. What IP address is it from?
3. Where does the data want to go?
4. What protocol to use? For example, HTTP is used for web traffic and SMTP is used for email
5. What port to use? The router can match the data packet with a particular port depending on the service. For instance, email is usually on Port 25 and HTTP runs on Port 80.
Router Firewall is nothing but a NAT Firewall
Most router firewalls work by simple NAT (Network Address Translation) routing and port filtering to control traffic. NAT helps the router identify internet addresses that your computer or network trades data packets with.
It also enables the router to send these data packets in the right direction. Your router assigns a unique IP address to every computer on your network. It then maps all the private addresses to a single public address using NAT.
NAT hides the true address of your computer or every computer on your network. It controls what traffic reaches your PC or the computers on your network. This restricts data transmission through Transmission Control Protocol and User Datagram Protocol ports.
All inbound traffic has to pass through these ports to enter your network. The NAT firewall analyzes the incoming traffic and lets in traffic that is deemed safe.
This way, only the traffic that you permit will be allowed, bringing down the chances of a malicious program entering your network drastically.
It is to be remembered that some NAT firewalls are better than others and give you more control over the TCP and UDP data transmission. Network administrators can configure the firewall to allow all or none of the incoming requests.
How to set up and configure a Router Firewall?
Step 1 – To check if your router’s firewall has been enabled, you need to log into your router’s administrative console by typing in your router’s IP address in the browser window. Your router will have a non-routable internal IP address. Most routers use 192.168.1.1 or 10.0.0.1 as its address.
Here’s a list of default router IP addresses:
Linksys – 192.168.1.1 or 192.168.0.1
D-Link – 192.168.0.1 or 10.0.0.1
Apple – 10.0.1.1
ASUS – 192.168.1.1
Buffalo – 192.168.11.1
Netgear – 192.168.0.1 or 192.168.0.227
If you do not know what your router’s IP address is, open the Run dialog box on your Windows computer by pressing Windows key + R.
Type CMD and press Enter.
In the Command window that opens, type in IPCONFIG /ALL and hit Enter.
Look for the IP address next to Default Gateway, copy the IP address provided and paste it in the browser to open your router configuration page.
You will now get access to your router firewall options page.
Step 2 – After you have located your router’s configuration page, type in your credentials and log in. Look for a tab called Firewall or SPI Firewall. It could be under Settings or Advanced Settings.
If the firewall is not activated or enabled, click on the Enable button. Click Save and Apply to save the changes. Your router will probably reboot after you click on Apply to make these changes.
Step 3 – After you have enabled the firewall, you can configure it by adding firewall rules and access control lists. Though router configuration pages may differ depending on the manufacturer, almost all routers will have the option of opening or blocking ports.
To configure your firewall and add firewall rules, look for port forwarding to block unauthorized access requests. Do remember not to block important ports; that will hamper your computer’s access to the internet.
Step 4 – The most important ports that you will need to keep open are listed below. If you are on a Windows computer, you don’t have to worry since Windows takes care of most port restrictions.
a. PORT NUMBER 80 allows Internet access (HTTP)
b. Port Number 443 allows secure Internet access (HTTPS)
c. Port Number 25 allows you access to emails (SMTP)
These three are the most important ports and keeping these open is good for normal browsing and emails. Some software needs access to additional ports.
If such software is running on your computer, it will take care of opening any port that it needs to function.
Software Firewall vs Hardware Firewall
A software firewall resides on your computer and defends only your computer from malicious attacks and spam. It is a gatekeeper of sorts and it lets in some traffic while blocking others.
This also monitors the traffic that leaves the network. Windows comes with an inbuilt firewall that monitors every application that uses the internet and either block or allows traffic based on the application.
A software firewall is important because it will protect your computer even if other computers on your network have been infected by a worm or virus. A software firewall is helpful because you can control access to the internet on a per-application basis.
You can set up a software firewall to prompt you every time an application requests access to the internet where you can either allow or block access as the situation demands.
Software and hardware firewalls are similar in that both block incoming traffic by default and allow in only specific traffic. Thus it is protecting your computer and network from vulnerabilities.
A hardware firewall sits between your computer and the internet whereas the software firewall is between your computer and the rest of the network. Both firewalls are important and experts suggest that both firewalls are necessary for complete security of your home network and devices that connect to the internet.
While a router firewall is your computer’s first line of defense, it is by no means your computer’s only security option. You can protect your network’s security by using a router firewall but you cannot rely on it to stop malware and hacker attacks disguised as legitimate requests.
A complete security system for your computer should include a hardware firewall, software firewall, and an antivirus program.
Further Reading: 6 Ways to Effectively Block Websites on Chrome