A defensive security system consisting of either, or both, hardware and software designed to protect computers from unwanted outside electronic intrusion, rather than direct physical tampering or theft. The term has gained significance as more and more computers are connected to each other via electronic networks, such as the Internet, where such unwanted electronic intrusion is now possible. A computer that is never physically connected to an outside network would not typically need a firewall.
A set of programs that protects the resources of a private computer network from users of other networks. It screens the messages that attempt to enter or leave the network and permits or denies access to outside users based on pre-programmed rules.