- Firewalls usually check requests coming in and either pass, reject, or drop them
- Usually look at source IP and port number
- A way to say "people on the internet can access this web server"
- ..."but people need to be on the network to try to log in"
- ..."and these specific people can't come in at all"
- ..."and these unused ports should not be used"
- Comes from construction terminology
- Need firewall rules to allow incoming connections
18 / 24