A firewall is a piece of software that examines inbound, and sometimes outbound, network traffic and, based on a set of configurable rules, decides whether to let the traffic pass or to try to block it. A firewall can be an application that you install on your PC, or it can be a dedicated appliance that protects an entire enterprise network. Here, we will restrict our discussion to client-side, or personal, firewalls.
It's important to understand what a firewall will do and what it won't do. It will block inbound traffic to your computer if it does not recognize that traffic as a response to a request sent by you. For example, if someone tries to make a connection to your machine, the firewall will block it. If a web server sends you a page in response to your request to load it, the firewall will allow it to come through.
If a bot that is already installed on your computer tries to communicate with the Internet, the firewall will let it through. The firewall assumes that any traffic that originates from your machine is trusted.
So firewalls are an important part of your defense in depth, but just like any other defensive tool, they don't protect you from all threats.
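The allow and block decisions described above can be modelled in a few lines. This is an added example, not code from any particular firewall product; the class and function names are hypothetical, the addresses and ports are constructed sample values, and the model is simplified in that it never expires a remembered connection.

```python
# Toy model of a personal firewall's connection tracking (added example).
# Addresses and ports below are constructed sample values.
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Packet:
    direction: str   # "out" = leaving this PC, "in" = arriving from the network
    local_port: int
    remote_ip: str
    remote_port: int
    proto: str = "tcp"


@dataclass
class PersonalFirewall:
    # Flows this machine has opened: (proto, local_port, remote_ip, remote_port)
    state: set = field(default_factory=set)

    def decide(self, pkt: Packet) -> str:
        flow = (pkt.proto, pkt.local_port, pkt.remote_ip, pkt.remote_port)
        if pkt.direction == "out":
            # Outbound traffic is trusted by default; remember the flow so
            # the reply can be matched when it comes back.
            self.state.add(flow)
            return "ALLOW"
        # Inbound traffic passes only if it matches a flow we initiated.
        return "ALLOW" if flow in self.state else "BLOCK"


def run_demo():
    fw = PersonalFirewall()
    traffic = [
        ("browser request", Packet("out", 50000, "198.51.100.10", 443)),
        ("web server reply", Packet("in", 50000, "198.51.100.10", 443)),
        ("unsolicited inbound connection", Packet("in", 445, "203.0.113.7", 40000)),
        ("bot already on the PC, calling out", Packet("out", 50001, "203.0.113.99", 8080)),
        ("reply to the bot", Packet("in", 50001, "203.0.113.99", 8080)),
    ]
    return [(label, fw.decide(p)) for label, p in traffic]


if __name__ == "__main__":
    for label, verdict in run_demo():
        print(f"{verdict:5}  {label}")
```

The last two rows show the gap the text describes: the model allows the bot's traffic, and the replies to it, because the connection originated from the local machine.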
OS Firewalls:
Many current operating systems have built-in firewalls. It is recommended that you use your operating system's built-in firewall. Note that using a built-in OS firewall is sufficient to meet the University's network standard regarding firewalls.
Other Firewalls:
If your operating system does not come with a firewall, or if you would like more fine-grained control over your firewall settings, you may want to purchase a personal firewall. Personal firewalls work similarly to OS firewalls, except that they often offer additional features and can be customized. The actual level of customization and ease of use varies with the particular firewall, however.