Can public network firewalls prevent internal threats?

Public network firewalls (perimeter or internet-facing firewalls) are designed to protect against external threats. They sit at the boundary between a private network and the internet and apply rules only to the traffic that crosses that boundary: blocking unsolicited inbound connections, restricting outbound destinations and ports, and dropping traffic that matches known-malicious patterns.

However, public network firewalls are largely ineffective against internal threats, because they only see traffic crossing the network perimeter. Internal threats originate inside the network: a compromised workstation, a malicious insider, or an accidental data leak. Traffic between two internal hosts (east-west traffic) never passes through the perimeter device, so the firewall has no rule to evaluate against it and no log entry to show for it.

For example, if an employee's device is infected with malware, the firewall will not stop the malware from spreading laterally to other internal hosts over SMB, RDP or SSH, because those connections never reach the perimeter. Insider exfiltration is a different failure: the data does leave the network, but it leaves over a channel the firewall is configured to permit, such as an HTTPS upload to a personal cloud storage account, or it never touches the network at all, for example when copied to removable media. In both cases the perimeter firewall sees either nothing or an allowed connection.
</gre_replace>
<gr_replace lines="13-16" cat="clarify" orig="• Intrusion Detection">
  • Intrusion Detection and Prevention Systems (IDPS): Monitor internal (east-west) traffic for suspicious behavior such as port scanning, lateral connections on administrative ports, or unusual fan-out from a single host. The sensor must be fed internal traffic, for example from a SPAN port, a network tap or VPC flow logs; an IDPS deployed only at the perimeter has the same blind spot as the firewall.
  • Endpoint Protection: Secure individual devices with antivirus, EDR (Endpoint Detection and Response) and host-based access controls, so that malicious activity is observed on the host itself rather than inferred from network traffic.
  • Zero Trust Architecture: Authenticate and authorize every user and device for each access request regardless of network location, so that being inside the network confers no trust by itself.
  • Network Segmentation: Isolate critical systems in separate segments with default-deny rules between them (internal firewalls, VLAN ACLs or cloud security groups), so that a compromised host in one segment cannot reach systems it has no business talking to.

To address internal threats, additional security measures are needed, such as:

  • Intrusion Detection and Prevention Systems (IDPS): Monitor internal traffic for suspicious behavior.
  • Endpoint Protection: Secure individual devices with antivirus, EDR (Endpoint Detection and Response), and access controls.
  • Zero Trust Architecture: Verify every user and device, even within the network, before granting access.
  • Network Segmentation: Isolate critical systems to limit the spread of threats.
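The blind spot described above, and the segmentation plus internal monitoring that closes it, as an added Python example that is not code from the original article or from Tencent Cloud. It evaluates the same flow records from two viewpoints: an edge firewall that only sees flows crossing the perimeter, and a default-deny segmentation policy applied to east-west flows, with a small fan-out heuristic of the kind an internal IDPS would run. The subnets, the edge policy, the segmentation policy, the port list and the flow records are all constructed assumptions for illustration.

```python
"""Added example, not code from the original article or from Tencent Cloud.
It models two policy views of the same traffic: a perimeter firewall that only
evaluates flows crossing the network edge, and an internal segmentation policy
applied to east-west flows. Subnets, ports and flow records are constructed."""
import ipaddress
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List

# Constructed address plan (assumption): user workstations and a server segment.
WORKSTATIONS = ipaddress.ip_network("10.10.0.0/16")
SERVERS = ipaddress.ip_network("10.20.0.0/16")
INTERNAL = (WORKSTATIONS, SERVERS)

SSH, HTTPS, SMB, RDP, WINRM = 22, 443, 445, 3389, 5985
# Ports commonly used to move laterally between internal hosts.
LATERAL_PORTS = {SSH, SMB, RDP, WINRM}


@dataclass(frozen=True)
class Flow:
    src: str    # source IP
    dst: str    # destination IP
    dport: int  # destination TCP port


def is_internal(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL)


def perimeter_verdict(flow: Flow) -> str:
    """What an edge firewall does with a flow. It only sees traffic crossing the
    perimeter; internal-to-internal flows never reach it ("not-seen").
    Assumed edge policy: allow outbound HTTPS and SSH, deny unsolicited inbound."""
    src_in, dst_in = is_internal(flow.src), is_internal(flow.dst)
    if src_in == dst_in:
        return "not-seen"
    if src_in:  # outbound
        return "allow" if flow.dport in (HTTPS, SSH) else "deny"
    return "deny"  # inbound with no matching rule


# Segmentation policy (assumption): (source segment, destination segment, ports).
# Anything not listed, including workstation-to-workstation traffic, is denied.
SEGMENT_POLICY = [
    (WORKSTATIONS, SERVERS, {HTTPS}),
]


def segmentation_verdict(flow: Flow) -> str:
    """Evaluate an internal flow against the segmentation policy (default deny)."""
    if not (is_internal(flow.src) and is_internal(flow.dst)):
        return "not-applicable"
    src, dst = ipaddress.ip_address(flow.src), ipaddress.ip_address(flow.dst)
    for src_net, dst_net, ports in SEGMENT_POLICY:
        if src in src_net and dst in dst_net and flow.dport in ports:
            return "allow"
    return "deny"


def find_lateral_movement(flows: List[Flow]) -> List[Flow]:
    """Flows the perimeter firewall never evaluates but segmentation would block."""
    return [f for f in flows
            if perimeter_verdict(f) == "not-seen" and segmentation_verdict(f) == "deny"]


def fan_out_alerts(flows: List[Flow], threshold: int = 3) -> Dict[str, int]:
    """IDPS-style heuristic: one internal source reaching many distinct internal
    hosts on lateral-movement ports looks like scanning or worm spread."""
    targets = defaultdict(set)
    for f in flows:
        if is_internal(f.src) and is_internal(f.dst) and f.dport in LATERAL_PORTS:
            targets[f.src].add(f.dst)
    return {src: len(dsts) for src, dsts in targets.items() if len(dsts) >= threshold}


# Constructed flow records, as they might come from VPC flow logs or a SPAN port.
SAMPLE_FLOWS = [
    Flow("10.10.1.5", "10.20.0.10", HTTPS),    # user to web app: permitted
    Flow("10.10.1.5", "203.0.113.7", HTTPS),   # outbound upload: edge allows it
    Flow("10.10.1.5", "10.10.1.20", SMB),      # workstation to peer: lateral
    Flow("10.10.1.5", "10.10.1.21", SMB),
    Flow("10.10.1.5", "10.10.1.22", SMB),
    Flow("10.10.1.5", "10.20.0.10", RDP),      # workstation to server over RDP
    Flow("198.51.100.9", "10.20.0.10", SSH),   # inbound from the internet: edge denies
]

if __name__ == "__main__":
    for f in SAMPLE_FLOWS:
        print(f"{f.src:>14} -> {f.dst:>14}:{f.dport:<5} edge={perimeter_verdict(f):<9} "
              f"segment={segmentation_verdict(f)}")
    print("lateral movement flows:", len(find_lateral_movement(SAMPLE_FLOWS)))
    print("fan-out alerts:", fan_out_alerts(SAMPLE_FLOWS))
```

Running it shows the asymmetry: the only flow the edge firewall denies is the inbound SSH attempt, the outbound HTTPS upload is allowed, and the four SMB/RDP connections from the infected workstation are marked "not-seen" by the edge but "deny" by the segmentation policy, and together trip the fan-out alert. The same records fed to a detector at the perimeter would raise nothing.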

For cloud environments, Tencent Cloud provides Tencent Cloud Host Security (CWP) to detect and respond to internal threats on servers, along with Tencent Cloud Network Security (NSF) for advanced threat detection across internal networks. These services complement a perimeter firewall by covering the hosts and east-west traffic it never sees.