A firewall acts as defense for a local computer against viruses, worms, Trojans and brute-force hacking attacks. It can take the form of either software (a security program) or hardware (a physical router), but both perform the same function: Scanning incoming network traffic to make sure it doesn't contain blacklisted data. Firewalls scan each "packet" of data — small chunks of a larger whole, reduced in size for easy transmission — to make sure these packets don't contain anything malicious.
This scanning takes several forms. First, a firewall may screen any access requests and analyze the requesting service to make sure it has a known domain name and Internet address. Firewalls can also fully examine each packet of incoming data to look for strings of blacklisted code. Finally, firewalls may evaluate packets based on their similarity to other packets that have been recently sent and received. If the packets are within acceptable levels of similarity, they are allowed through.