Firewalls
A firewall is a system or group of systems that enforces an access control policy between two networks. Because it is a mechanism for enforcing policy, it imposes its policy on everything behind it. Firewalls can be configured to protect against unauthenticated logins from remote devices and still permit local users to communicate across the internet freely.
Software firewalls usually work by filtering or blocking information to individual programs and are often integrated with antivirus software. Hardware firewalls filter traffic before it reaches your computer and may be integrated within your router or exist as a stand-alone unit.
By default, a firewall blocks all network traffic coming into the network it is protecting. To permit traffic through the firewall, exceptions (or rules) are created that allow certain traffic on the network. The rules are defined by the domain names or IP addresses of the sender and receiver of the traffic as well as the type of traffic (e.g. web or SSH).
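The default-block behaviour and the exception rules described above can be modelled in a few lines. This is an added example, not code from any firewall product: the rule names, the service table and the addresses (documentation ranges) are constructed, rules match on IP addresses only, and the audit helper is a hypothetical review aid.

```python
import ipaddress
from dataclasses import dataclass

# Constructed service table: "type of traffic" mapped to (protocol, port).
SERVICES = {"web": ("tcp", 443), "ssh": ("tcp", 22)}

@dataclass(frozen=True)
class Rule:
    name: str
    src: str      # sender network, CIDR notation
    dst: str      # receiver network, CIDR notation
    service: str  # key in SERVICES

    def matches(self, src_ip, dst_ip, proto, port):
        return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst)
                and SERVICES[self.service] == (proto, port))

# Constructed exceptions: a public web server and SSH from one admin subnet.
RULES = [
    Rule("public-web", "0.0.0.0/0", "192.0.2.10/32", "web"),
    Rule("admin-ssh", "198.51.100.0/24", "192.0.2.20/32", "ssh"),
]

def evaluate(src_ip, dst_ip, proto, port, rules=RULES):
    """Return (verdict, rule name). Traffic that no rule allows is blocked."""
    for rule in rules:
        if rule.matches(src_ip, dst_ip, proto, port):
            return ("allow", rule.name)
    return ("block", None)  # the default: no exception, no entry

def audit(rules=RULES):
    """List exceptions open to any sender so they can be reviewed."""
    return [r.name for r in rules if ipaddress.ip_network(r.src).prefixlen == 0]

if __name__ == "__main__":
    inbound = [  # constructed sample connections
        ("203.0.113.7", "192.0.2.10", "tcp", 443),   # web from anywhere
        ("203.0.113.7", "192.0.2.20", "tcp", 22),    # SSH from outside admin subnet
        ("198.51.100.5", "192.0.2.20", "tcp", 22),   # SSH from admin subnet
        ("203.0.113.7", "192.0.2.10", "tcp", 23),    # service with no rule
    ]
    for conn in inbound:
        print(conn, "->", evaluate(*conn))
    print("rules open to any sender:", audit())
```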
Routers
Routers are OSI model Layer 3 (Network layer) switches that interconnect networks over local or wide areas and provide traffic control and filtering functions when more than one pathway exists between two end-points on the network. Some routers have the capability to connect networks with different physical media and translate between different network architectures.
Home or small-business routers typically come with insecure default configurations. There are steps that should be taken to protect these devices.
Routers are typically configured with a default internal IP address, allowing a standardized method of access through a connected web browser. The router's management interface should not be accessible from the internet. If remote management is needed, consider using a VPN (virtual private network) to establish a secure channel to the local network first and then access the router's interface. Most are also configured with a default administrator password, which should be changed immediately once you connect to the router's management interface for the first time.