A firewall is a network security device that acts as a barrier to the network traffic flowing through it. Using a list of rules, it analyzes specific parameters of each network packet (origin, destination, service / application, etc.) to check whether the traffic is known / legitimate, in which case it is allowed, or unknown / illegitimate, in which case it is denied.
The main function of a firewall is to provide a basic layer of protection, hiding network devices such as workstations, servers and IP phones and closing unwanted access to them. For example, you can allow HTTP access to a web server, but restrict connections to it over management protocols such as SSH or Remote Desktop.
In addition, a firewall provides visibility into the applications and services present on the network, which in turn helps to discover suspicious activity that was previously unknown. Modern firewalls, also called Next Generation Firewalls (NGFW), have additional layers of protection and visibility, such as active user identification, application categorization, anti-virus, anti-malware and anti-bot controls, and more.