Some firewalls support advanced rules allowing additional fine-grained control over the filtering process. The security appliance then filters messages before the device processes the messages, allowing only communication with known, trusted devices.
In a system without a security appliance, a hacker may attempt to remotely access the device using default passwords, dictionary attacks, or stolen passwords. Such attacks are often automated, allowing a huge number of attempts to break the system’s password.
The same system can be protected by a firewall configured with a whitelist of trusted hosts. The firewall’s filters will block attacks from the hacker before a login is even attempted because the IP or MAC address is not in the whitelist, thereby blocking the attack before it even really begins.
Many attacks are blocked before a connection is even established because each packet received by the devices must pass through the firewall for filtering before being processed. This provides a simple, yet effective layer of protection currently missing from most legacy IoT devices.