A firewall traditionally is used to protect one unit in a multi-unit building from a fire that occurs in an adjacent unit. The hope is that the firewall will isolate each unit from a disaster in one of its neighbors.
These days we use firewalls in computer networks to isolate our network and hosts from danger posed by our neighbors. Firewalls protect us from the unauthorized use of our resources by external entities.
Simply put, a firewall protects you from what is happening "out there." And it can help to keep something happening inside your network from spreading.
Why do you want to be protected? In order to meet the three principles—confidentiality, integrity, and availability—you need to address the risks you've identified. This may mean you need to be protected from the wide-open Internet.
It's a scary place out there. You may also need to isolate select hosts from the rest of your network. The threat of insider intrusion is still very real, and firewalls can help here too.
How does a firewall protect you?
In its simplest form, a firewall examines your communications requests (network traffic) and decides, based on rules you have defined, what is and is not allowed. Really, a very straightforward function—on paper, anyhow. Complications are introduced by the different ways to achieve this goal. And each method has its own strengths and weaknesses.
Traditionally, corporations have firewalls only at the perimeter of the network—where the corporate network meets the Internet. However, the traditional network is changing. Users connect from home with high-speed Internet connections like cable modems, and sensitive data is being stored on local hard drives.
These changes often make it essential to consider protecting the local host with its own firewall software. And this is where personal firewall software plays a role.