14.1 What is a firewall?

Any computer attached to a network is vulnerable to attack. A firewall is just one of the tools available to protect a network and the computers on it.

Broadly speaking firewalls come in three types:

Network firewalls
These are typically dedicated network devices placed at key points in a network to protect parts of that network, often between untrusted and trusted networks (e.g. your company network and the internet).
Host firewalls
These are software that runs on a computer and typically protect that machine only.
Application firewalls
These are software, or subsystems, that control input and output of specific applications or services running on a host computer.

It is possible to have hybrid computers that act as both an network firewall, protecting whole or part of a network, but running other software too.