A packet filter is, at its most basic, a firewall that protects networked computers from pollution from outside sources, namely the Internet. For the record, packet filter is the name of the application, a type of IP filter so named in the Berkeley Software Distribution (BSD) naming conventions. The packet filter acts as a network policeman, examining any and all traffic directed at the network before that traffic ever gets anywhere close to the network. Think of the packet filter in terms of the guard tower outside the moat that surrounds the castle. The packet filter serves the role of both moat and guard tower, since most packet filter procedures involve more than one layer of security.

The packet filter is a model of reverse engineering as well, serving as a gatekeeper that keeps “dangerous” traffic from leaving the network. An apt analogy here would be the Great Wall of China, which was built both to keep invading barbarians out and to keep dissident Chinese in. The “dangerous” traffic that a packet filter keeps from escaping might very well be company secrets, such as customer identity information and the like.

A packet filter can be customized, of course. You can set the filter level high, such that nothing gets through unless you authorize it. You can program the packet filter so that it searches for certain keywords or IP addresses in incoming transmissions. You can even program the packet filter to exclude all but a certain level of information, the parameters of which you set ahead of time.

Your packet filter, normally by default, will keep a log of all of its activity. This log can be customized, too, to include such data columns as number of data streams tracked, number of data streams intercepted, why those data streams were intercepted, the IP addresses of any and all incoming transmissions, and how many times the transmissions were attempted. In this way, you can follow up on attempted security breaches.

A packet filter will probably be required to protect a large network of computers. The last thing you want as the president of a bank is for some hacker to gain control of the personal information of your customers. Your packet filter in this case will undoubtedly have a high level of security.

You might also want to aim your packet filter at internal traffic as well, to make sure that no objectionable traffic or data streams get passed between internally controlled computers. A packet filter is not perfect, even though its makers would like it to be, and for whatever reason, objectionable files can sneak through. This sort of penetration onto one computer can soon lead to infection of other computers on the network simply because they are sharing an IP address or other kind of network connection.

Call it packet filter. Call it firewall. Call it Internet policeman. Call it whatever you want. It’s your best friend, no matter how many computers your network is running.