What is a Firewall and can a VPN bypass it?

Firewall VPN

We often read all kinds of stories about the abilities of VPN technology, most of which are rather well-known. They can protect you from online surveillance, hide your location and identity, and most shield your online traffic.

However, did you know that they can also help you bypass firewalls?

In this guide we'll be exploring everything you ever wanted to know (and more) about firewalls, VPNs and how they work together.

What is a Firewall?

Let's start from the beginning, and explain what a firewall is in the first place.

Essentially, a firewall is a security system that keeps an eye on all incoming and outgoing internet traffic of a specific network it is guarding. Think of it as a gate of a mansion that controls what enters and what leaves at any time.

Firewalls get specific rules about what kind of traffic is allowed, and it makes sure that nothing other than that can enter or leave. If you didn't request it, it can make sure it doesn't come in.

Most of the time, it acts as a barrier between a trusted internal network, and an untrusted external network… the wider internet.

What are the different types of firewalls?

Firewalls come in different shapes and sizes and you'll find a variety of them in different guises.

Below are some of the most common:

1. Local Device Firewall

First, we have a local firewall, and one of the most common examples in this category is the Windows Defender firewall.

You can also get one via anti-virus software like Kaspersky or any of the other major providers. These are a good security solution to have on your device and are usually a bit more in-depth than your built in operating system firewall.

Kaspersky Firewall

Kaspersky's security suite comes with a built-in firewall.

You can get a firewall for free, or obtain a premium version from services such as Comodo, which is usually best for businesses, while the free version should be good enough for personal use.

2. Network Firewall

Then, we have network firewalls. This is a firewall that is not only covering a single device, such as your PC but your entire network.

For example, you can use one to protect your home, as you do with your router.

These are good for those who have many different devices that they wish to protect, or if you want your entire family to use a secure network. All in all, it is a good solution to increase a network's security without a fuss of having to protect each device individually.

Essentially any home router works as a firewall because it must know which devices requested what and where to send it. It'll also block incoming traffic that wasn't requested by any of the devices connected to it.

3. Corporate Firewall

Lastly, we have corporate firewalls, which are similar to network firewalls, but they can cover and protect a lot more than what a simple router could reach.

Think of a single firewall protecting all the computers owned by an entire company, or a school, university, and alike.

These are capable of filtering massive amounts of traffic exceptionally quickly, which allows them to keep a business safe, and not impact its internet speed too much.

Some examples include Palo Alto Networks Next-Generation – PA Series, Cisco ASA, Fortinet FortiGate, and others.

You may often find these looking like huge routers in an office near you.

How do Firewalls work to protect you?

As mentioned before, firewalls are basically massive content filters that stand between your device or internal network, and an external network – most commonly, the internet.

They have their instructions about what kind of traffic is supposed to pass through, and what should be stopped at the gate.

This usually includes viruses and malicious traffic, or any other kind of suspicious or unknown traffic that the firewall is not familiar with.

In such situations, you can take a look at what the firewall stopped from entering or leaving, and then decide whether such traffic should be allowed in the future or not.

Can a VPN bypass a firewall?

Yes, most competent VPNs are more than capable of bypassing firewalls. In fact, many of them can bypass almost any firewall, even ones imposed by the government in countries like China.

VPNs do it by creating a secure tunnel for your traffic to flow through.

As your traffic flows through the tunnel, it becomes indecipherable, and so the firewall cannot access it and decide whether it should pass or not.

The firewall would be like water trying to penetrate a tunnel under the sea. Not only is it blocked from doing so but it also can't see what's travelling inside.

Can a firewall be either hardware or software?

Yes, you can use a hardware firewall or software firewall and much will depend on your reasoning for needing a firewall in the first place.

Hardware firewalls, of course, comes in the form of a physical device, one that allows you to protect your entire network.

You can install it between your computer and the internet, and it will continuously monitor transmitted packs of data. As mentioned earlier, your router would be the most common type of hardware device that features a firewall.

The data then gets blocked or transferred, depending on the rules you previously introduced.

On the other hand, a software firewall provides internal protection only to the device it is running on. If you have a firewall on your laptop, your phone connected to the same network wouldn't be protected by it.

Basically, it is installed on a single device, and it only protects that device.

This means that it is very bothersome if you need to protect multiple computers, as each of them would need to have its own firewall.

Software firewalls typically control the behaviour of specific apps, where you get to block access to some websites or content.

What are the disadvantages of a software firewall?

Software firewalls have some of the more obvious disadvantages, such as the need to install it separately on any device that you want to protect.

Another disadvantage is that a software firewall is less secure than a hardware firewall out-of-the-box. This means that you would need to do some manual configuration, which can be difficult for those who do not possess technical knowledge.

They also provide more opportunities for attackers, since they are installed on your OS and device itself.

Lastly, they also require more maintenance, depending on which vendor you chose. This usually means keeping them updated and while often this is done automatically if you're someone who usually skips any updates you could leave yourself open to problems.

So to recap the lackings of software firewalls:

  • Less secure out of the box.
  • Required to install on each device.
  • More maintenance required.

Do I need a personal firewall?

To put it quite simply – yes, you should definitely have a firewall.

The Internet is not a safe place, and malicious content is travelling up and down the network all the time. A firewall, however, will not keep you safe 100%, as nothing is completely secure.

However, having a firewall is a big step in your arsenal towards online security.

Thankfully, most new devices like Windows and Mac systems come with software firewalls as standard and your regular home router will automatically work as a firewall to a point.

Summary

A firewall is a good way of protecting your devices.

It acts as a gate that scans the traffic that goes in and out, and it decides whether the traffic should be allowed to pass based on some predetermined rules, or if you've even requested that data.

It can be hardware or software, with the biggest difference between the two beings that hardware firewalls can protect the entire network at once, while the software one only protects the device on which it is installed.

However, also keep in mind that firewalls can easily be bypassed with a VPN, so don't rely on it to be your only method of protection.

Ali Raza

Author: Ali Raza

Ali is a journalist with a keen interest in VPN usage. He is an expert in the field and has been covering VPN related topics for VPNCompare and numerous well-respected publications for many years.

Leave a Reply

Your email address will not be published. Required fields are marked *

Sign up to our newsletter

Get the latest privacy news, expert VPN guides & TV unblocking how-to’s sent straight to your inbox.