What Is a Firewall Whitelist?

If your personal computer was a town, its sheriff would be your firewall. Your firewall keeps electronic rules on what incoming Internet communication is acceptable and what communication can go out from your computer. Since the number of places you go on your computer changes, you want the ability to change the rules of what and who is granted access to your computer. You can add to preset rules by creating a whitelist and a blacklist of communication protocols.

A typical firewall uses a whitelist policy where Internet communication from whitelisted addresses and websites are accepted, but everything else is denied. If the communication does not appear on the whitelist, the communication is rejected. Whitelisting is used by many security professionals to help prevent malware on networks. Next-generation firewalls have made creating a whitelist more specific so policies about what is allowed are easier.

A network administrator can configure a firewall to accept only certain IP addresses to access a network, which can limit the websites where computer users can go. A system administrator does the same thing with a firewall on a server. Home users can use whitelists in a desktop firewall to control where that computer can go and what the computer can communicate with.

Many companies prefer to deny all traffic and permit only that traffic that is necessary, a security model known as Deny All Permit Exception (DAPE). This is a more secure posture than using a blacklist, which permits everything and blocks only traffic you decide is bad. If you use a whitelist for your firewall, you only allow communication from sites or applications you know are secure and it makes your computer or network more secure. Upkeep on a firewall policy with a whitelist is more labor-intensive because you need to keep adding to the firewall whitelist whenever the communication does not fit the existing set of rules and you need to make a new policy to allow communication with new sites.