Business internet
Direct Internet for
SMEEnterpriseReal EstatePublic SectorChannel
Connectivity products
Direct InternetDiverse Direct InternetManaged FailoverDDoS ProtectionCloud ConnectRapid Install
CybersecurityManaged IT
Blogs & resources
Experts on callEventsFAQsContent & case studies
Get in touch
Back to blogs
Company news

Your Practical Guide to Firewalls - their benefits and limitations

June 8, 2022

|

4

min read

Follow me on LinkedIn as

Highlights

There is a lot of content on the internet, and whilst most of it is good, some is bad and designed to harm your company’s IT network. Sadly, it’s not always easy for humans (your employees) to establish which is which so that’s why it has never been more important to protect your network with a firewall.

Firewalls are widely available and getting one set up on your network is easy, but it’s worth discussing:

  • What a firewall is
  • How it works
  • The advantages of using one
  • What it cannot do

So, what is a Firewall?

Having a firewall is like having a shield or barrier around your company’s IT network. It can help protect you and your users from malicious content by denying entry to your network.

But with so much content on the internet, how does it know what to let in and what to reject? The answer lies in things called packets. These process the website traffic that wants to make its way into your network.

When the packet reaches your firewall, the firewall will then make a decision. If it thinks the data in the packet is safe, it will let it into your network. If it thinks the data is harmful, it will reject it.

Many devices have a built-in firewall that works this way. This is called a hardware firewall.

For extra safety, you can install an additional firewall using a third-party application. Another name for this is a software firewall. It can monitor the traffic that is going out and whitelist any sites that are known to be dangerous.

How does a Firewall Work?

As we mentioned, there are two kinds of firewall: hardware and software. A hardware firewall is a physical appliance in your communications rack which all your internet traffic routes through and monitors incoming and outgoing web traffic. A software firewall is installed on servers, appliances and desktops and helps to monitor incoming and outgoing web traffic.

They work differently but serve the same purpose: to protect your network and keep your users safe from malicious activity.

There are lots of public lists that can be cross checked by your firewall to ensure harmful websites are blocked. The firewall can also pick up on inbound virus, crypto lockers and other nasty web elements you want to keep out.

Most devices come with a hardware firewall built-in, so there is little setup required and they are easy to get on all devices in your network.

Software firewalls usually must be installed with a third-party application, meaning some manual setup will be needed. You will also have to get licensing to cover all the devices that the software is installed on.

Once you have a firewall setup, there are lots of configurations you can deploy. You can arrange for it to monitor and block traffic based on several criteria, including:

  • IP address. This is a unique 32-bit number that is assigned to every web address. The 32-bit number is presented as four ‘octets’ in a ‘dotted decimal number’, like this: ‘216.28.62.138’.
  • Content filtering. Block/whitelist certain categories of websites based on organisational policies ie blocking social media websites
  • Domain name. Perhaps the easiest way of identifying a website. Ours is www.optimity.co.uk.
  • Protocols. How someone accesses an online service. The protocol for a web browser would be ‘https’.
  • Ports. Server machines make services available to web users with numbered ports. You would usually find a web server on port 80.
  • Words and phrases. If you don’t want your users visiting a site with a particular word or phrase on it, you can set up your firewall to work this way.
  • Behaviours and changes. To help detect behavioural changes and secure the network, such as hacking attacks, or large data removal across the web.

The Advantages of a Firewall

You can prevent unauthorised remote access

Imagine this: you are sitting at your computer or tablet, and you see the cursor moving on-screen, but you aren’t moving your mouse. Somebody is using your device remotely. Unauthorised remote access means you are no longer in control, and the person who has accessed your device could get hold of any information they want. Firewalls can help prevent this from happening.

You can test lots of configurations

There are so many ways you can set up a firewall in order to protect your network. Your IT support provider will be able to help you determine what the most effective methods will be.

One of these methods might be to temporarily block access to everything. Although this may seem time-consuming, you will be able to work out what access is essential for your users. You can then allow or deny access to non-essential sites on a case-by-case basis.

You can combine hardware and software firewalls for ultimate resilience

Most devices come with a hardware firewall by default, which can offer protection against incoming traffic. When you install a software firewall, you will also be getting protection from outgoing traffic and a whitelist of known dangerous activity.

For extra protection, you should equip all of your devices with a software firewall. That way, you can reduce the spread of malicious content between your network users.

Firewalls are great for all the reasons we have mentioned here, but they are not always enough on their own. Sometimes, extra software and human initiative is needed to provide maximum safety.

What a Firewall can’t do

Firewalls cannot always block a social engineering or spoofing attack. For these, a hacker will imitate a legitimate company online in order to trick you into doing something you shouldn’t. Because they look real, they may slip past a firewall unnoticed. Email scanning software can help to prevent this though.

Firewalls won’t always prevent malware, viruses and worms from entering your network either. For this, you need an antivirus software programme. In the event of something getting past your network, your antivirus will be able to deal with it.

While all of this should help keep you well protected, it can never hurt to use your own knowledge of cybersecurity best practices and educate employees about this. Your employees need to have a good knowledge of these because statistically speaking they are your biggest (albeit unintentional) threat.

Things you can all be doing include:

  • Regularly updating software. A lot of software will update itself automatically, but it is always worth ensuring that this is the case. It is essential for avoiding glitches and bugs.
  • Using strong passwords. Make these as hard as possible for cybercriminals to guess, and do not share them with anyone. Even the people you trust.
  • Being aware of spoofing attacks. This is when an email or website or email sender appears to look legitimate but is malicious. Keep a careful eye on domains, sender information, attachments and content, and don’t do anything you feel unsure about.

Protect Your Network With a Firewall

Hardware and software firewalls are both designed to protect your network from malicious activity. Most devices come with a hardware firewall built-in, which monitors incoming traffic. A software firewall has to be installed and licenced for each device and can monitor outgoing traffic.

Firewalls can monitor and prevent access to websites based on lots of factors, including:

  • IP addresses
  • Domains
  • Protocols
  • Ports
  • Words and phrases

And with a firewall, you can:

  • Protect your network from unauthorised remote access
  • Trial lots of configurations
  • Combine a hardware and software firewall for ultimate resilience

But firewalls cannot do everything by themselves. That is why your employees need to have a good knowledge of cybersecurity best practices, and you should combine your hardware and software firewalls with an antivirus programme.

To learn more about firewalls and what is available for your network, contact us for a managed networks quote. We can help you determine what kind of protection your business needs.

Get in touch.

Tell us about yourself so we can serve you best.

Got a question?

No items found.

More articles

Insights
December 2, 2025
Why a wayleave isn’t always needed for fibre installations
Read More

For many landlords and building managers, the word “wayleave” feels like the responsible route whenever a fibre circuit is being installed on their property. It sounds formal and safe – a neat legal box to tick.  

In many cases, however, a wayleave adds unnecessary complexity and delays, frustrates tenants, and can expose landlords to long-term legal risks.

At Vorboss, we’ve connected thousands of office spaces across London without a wayleave, keeping landlords in full control and getting tenants online faster.

What is a wayleave?

A wayleave is a written agreement between a landowner and a telecoms operator. It gives the operator permission to install and keep equipment on private property.  

What many people don’t realise is that signing a wayleave also activates “Code rights” under the Electronic Communications Code. These rights go beyond simple permission, they give the operator legal powers to stay on the property indefinitely, access it when needed, and even refuse removal of their equipment in certain situations.

For a typical connection into a commercial building in London, a wayleave can make the fibre installation process slower, more expensive, and limit the landlord’s flexibility long term.  

Why a wayleave isn’t required for standard in-building fibre connections

For a standard in-building fibre connection serving a tenant, a wayleave isn’t a legal requirement. Important protections, like building access, fire safety, repairing any damage, and removing equipment, are already covered by the tenant’s lease and usual building rules.

If no wayleave is signed, no Code rights are triggered, meaning the landlord retains full control and the installation exists under a simple, fully revocable licence.

In practice, this gives landlords far more protection and flexibility:

  • No legal lock-in – the telecoms operator has no long-term rights to stay or refuse removal.
  • Landlords keep full control – equipment can be moved or removed when the building changes.
  • Faster fibre installation – no time lost in drafting contracts or solicitor reviews.
  • Happier tenants – connections go live quicker; tenants get to move in faster.

By contrast, signing a wayleave and granting Code rights introduces a complex and expensive legal process for any fibre removal or relocation. This can take at least 18 months, plus potential court or tribunal proceedings, making it slower, and far less flexible for the landlord.

Insights
November 26, 2025
How the City of London Corporation is investing in the Square Mile's digital future
Read More

Public services across central London are evolving, and the City of London Corporation is leading the way.

Whether you work, live or study in the Square Mile, you’ll soon feel the difference that faster, more dependable connectivity brings.

What is the Future Network Programme?

The City of London Corporation is rolling out the Future Network Programme, a major project to modernise its entire digital infrastructure and bring everything under one unified network.

From offices and schools to iconic green spaces like Hampstead Heath, cultural destinations like the Barbican, and historic markets such as Leadenhall and Old Spitalfields, this upgrade will mean more reliable connectivity across the City’s buildings and public spaces.

It also extends to essential services, including critical sites run by the City of London Police. This enhanced connectivity will support everything from secure communication systems to faster, more resilient networks for emergency operations.

Leading this transformation is Roc Technologies, supported by Juniper Networks and Palo Alto Networks; all powered by the Vorboss fibre network. Together, we’re bringing the City onto a modern digital foundation that’s ready to support its future.

Who the Future Network Programme benefits and how?

The programme is designed for everyone who depends on public services in the Square Mile:

  • Students in City-run schools will have fast, reliable connectivity to fully access digital learning tools.
  • Public-sector teams will experience smoother hybrid working, better access to online platforms, and more efficient collaboration across locations.
  • Residents and visitors will see improvements in public Wi-Fi, digital services, and online access in libraries, community hubs, and other shared spaces.
  • The City of London Police will gain a more secure, faster and resilient network that enhances CCTV reliability and enables more effective frontline operations.

Vorboss Limited is registered in England and Wales at: 10 Exchange Square, London, United Kingdom, EC2A 2BR Company number: 05678571

©2025 Vorboss, All rights reserved

Cookies PolicyPrivacy PolicyVorboss Trust Centre
About
Buy differentCareersAcademyNewsLocationsGlossary
Customers
BusinessEnterpriseCommercial Real Estate
Partners
Products
10G100GOur Products
Contact us
Call us:
+44 (0) 20 3582 8500
Email us:
hello@vorboss.com

10 Exchange Square, London,
EC2A 2BR

Complaints Policy

Certification no. C2023-03244


ISO 9001:2015
Quality Management System
Certification no. C2023-02886


ISO 45001:2018
Health and Safety Management System
Certification no. C2023-03242


ISO/IEC 27001:2022
Information Security Management System
Certification nos. 23012EMS001, 23012BCM001

ISO 14001:2015, ISO 22301:2019
Business Continuity Management System