A host-based firewall is a security application that runs on a single device, like a computer or server, to protect it from unauthorized network traffic. It analyzes and manages traffic entering and leaving the specific host, enforcing security policies to allow or block data packets. Unlike network-based firewalls that protect an entire network, host-based firewalls provide individualized protection for each endpoint device.
- Function: It acts as a shield on the device itself, controlling traffic at the individual host level.
- Purpose: It stops localized attacks and enforces specific security rules for that single machine, even if network defenses are breached.
- Examples: Windows Firewall is a common example of a host-based firewall built into the operating system.
- Complementary protection: Host-based firewalls work best when used in conjunction with network-based firewalls to create a layered defense strategy.