A network firewall is a device deployed between networks to restrict which types of traffic can pass from one network to another. Organizations typically use one or more network firewalls at their network perimeter to provide protection from external threats.
Network firewalls work by comparing network traffic to a set of rules, each of which typically specifies a network or application protocol and the source and destination of the communication. For example, a rule might permit e-mail to reach the organization's e-mail server from external hosts.
Accordingly, network firewalls can be effective at stopping network service worms that target a particular service or service port number, especially if the service or port is not widely used by the organization. Because network firewalls can restrict both incoming and outgoing traffic, they can also be used to stop certain worm infections within the organization from spreading to external systems.