Firewalls and Antivirus

Imagine your computer is a busy building. All day long, messages arrive from the internet and leave for the internet: web pages, game updates, video streams, messages. Most of that traffic is perfectly harmless — but some of it is an attacker knocking on the door, or a piece of malware already sneaking about inside. Keeping the building safe takes two different kinds of guard, each doing a job the other cannot.

This page is about what each one really does, why you need both, and why even both together are only part of staying safe.

The firewall: a guard on the door

Every piece of data crossing the internet travels in small chunks called packets. A firewall is a piece of software (or dedicated hardware) that sits at the edge of a device or a whole network and examines these packets as they try to pass. It compares each one against its ruleset — for example:

If a packet matches an allow rule, it passes. If it matches a block rule — or matches nothing at all — it is dropped and never reaches the software behind it. Watch a firewall sort traffic at the edge of a network:

Crucially, the firewall doesn't care whether a message is "friendly" or "nasty" in itself — it only checks whether it obeys the rules. It is like a security guard with a guest list: your name is on the list or it isn't. That makes a firewall brilliant at stopping unwanted connections (an attacker probing your ports from outside, or a hidden program trying to phone home from inside), but it also means a firewall cannot tell that an allowed download is secretly a virus.

Antivirus: a patrol on the inside

Suppose something harmful does get in — you download a game "crack", open a dodgy email attachment, or plug in an infected USB stick. The firewall has done its job at the door, but the threat is now inside. This is where antivirus takes over. It works in three main ways:

A lot of this happens quietly in the background — a real-time scanner checks each file the moment you open it — with a full scheduled scan sweeping the whole drive every so often.

Why you need both — plus updates and sensible habits

A firewall and antivirus protect different places, so neither can replace the other. The firewall can't clean up malware that's already on the disk; the antivirus can't stop an attacker hammering on a network port from the outside. Run both and each covers the other's blind spot.

But two tools still aren't the whole story. Two more things matter just as much:

Security people call this defence in depth or layered security: several independent defences stacked up, so that if one is fooled, another still stands.

Long before computers, a firewall was a real fire-resistant wall built into a building or a car, designed to stop flames spreading from one section into the next. Early network engineers borrowed the name for exactly the same idea: a barrier that stops trouble in one place from spreading into the parts you want to protect. The word "virus" was borrowed too — early self-copying programs spread from machine to machine much like a biological infection, so the medical language of "infection", "quarantine" and "disinfecting" stuck.

A common exam trap is thinking a firewall "stops viruses" or that antivirus "keeps hackers out". Neither is true on its own:

That's exactly why good security is layered: firewall and antivirus and regular updates and sensible habits. Rely on any single one and you've left a gap for an attacker to walk through.