Packet-filtering firewalls examine only a limited amount of information associated with the packet, specifically the source and destination address, the direction (inbound or outbound), and port.

Packet-filtering firewalls are rarely used as the sole method of perimeter defense since they examine only limited information about the packet…certainly not the contents, as other devices can.  But since they do not perform the same depth of analysis as other technologies, they are quicker, and therefore serve well as a first line of defense.

To get a packet-filtering firewall up and running, you must create an access control list, commonly referred to as an ACL.  Sensibly enough, this list shows who should and should not have access.  

For example, if your only contact with the outside world were through email, then you could set a rule to allow traffic only over port 25, and deny everything else.  That setup would be fairly secure.  In reality, though, the chances are pretty good that you will need to allow more than port 25’s traffic. 

You may have e-commerce.  You may have a business partner with whom you regularly exchange data.  In that case, you could set a rule to allow traffic from their IP address, over an agreed-to port.

Next: A quick explanation of encryption.