What Is a Firewall Whitelist?

By Anni Martin

Next-generation firewalls are making some firewall administrators rethink firewall policies.

In old westerns, you could always tell who the good guys and bad guys were by the color of their hats. Your firewall whitelist contains the people, sites or networks you allow to access your computer, or that you want your computer to access. The opposite of a whitelist is a blacklist. You blacklist, or deny access to, services you don't want, such as sites that might try to install spyware on your computer.

Firewall Definition

If your personal computer were a town, its sheriff would be your firewall. Your firewall keeps electronic rules on what incoming Internet communication is acceptable and what communication can go out from your computer. Since the places you go on your computer change, you want the ability to change the rules about what and who is granted access to your computer. You can add to the preset rules by creating a whitelist and a blacklist of communication protocols.

Whitelist Definition

A typical firewall uses a whitelist policy in which Internet communication from whitelisted addresses and websites is accepted and everything else is denied. If a communication does not appear on the whitelist, it is rejected. Many security professionals use whitelisting to help prevent malware from spreading on networks. Next-generation firewalls allow whitelists to be written more specifically, so policies describing what is allowed are easier to create.

Whitelist Uses

A network administrator can configure a firewall to allow only certain IP addresses to access a network, which can also limit the websites that computer users can visit. A system administrator does the same thing with a firewall on a server. Home users can use whitelists in a desktop firewall to control where that computer can go and what it can communicate with.

Whitelist Considerations

Many companies prefer to deny all traffic and permit only the traffic that is necessary, a security model known as Deny All Permit Exception (DAPE). This is a more secure posture than using a blacklist, which permits everything and blocks only the traffic you have decided is bad. If you use a whitelist for your firewall, you allow communication only from sites or applications you know are secure, which makes your computer or network more secure. Upkeep of a whitelist-based firewall policy is more labor-intensive, however: whenever a communication does not fit the existing set of rules, you need to add to the whitelist, and you need to create a new policy to allow communication with each new site.
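As an added illustration that is not part of the original article, the small Python policy evaluator below contrasts the two models just described: a whitelist with a default of deny (DAPE) and a blacklist with a default of allow. The rule sets, addresses and ports are constructed sample values, not real policy.

```python
"""Toy firewall policy evaluator: whitelist (default deny) vs blacklist (default allow).
Added example; all networks, hosts and ports are constructed sample values."""
from dataclasses import dataclass
from typing import List, Optional
import ipaddress


@dataclass(frozen=True)
class Rule:
    network: str            # CIDR block the source address must fall in
    port: Optional[int]     # destination port; None means any port
    action: str             # "allow" or "deny"

    def matches(self, src_ip: str, dst_port: int) -> bool:
        in_net = ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.network)
        return in_net and (self.port is None or self.port == dst_port)


def evaluate(rules: List[Rule], src_ip: str, dst_port: int, default: str) -> str:
    """First matching rule wins; if nothing matches, the policy's default applies."""
    for rule in rules:
        if rule.matches(src_ip, dst_port):
            return rule.action
    return default


# Whitelist / DAPE: list only what is permitted; everything else is denied.
WHITELIST = [
    Rule("203.0.113.0/24", 443, "allow"),   # constructed: a partner's HTTPS servers
    Rule("192.0.2.10/32", None, "allow"),   # constructed: a trusted management host
]

# Blacklist: list only what is forbidden; everything else is allowed.
BLACKLIST = [
    Rule("198.51.100.0/24", None, "deny"),  # constructed: a range known to serve spyware
]


def whitelist_decision(src_ip: str, dst_port: int) -> str:
    return evaluate(WHITELIST, src_ip, dst_port, default="deny")


def blacklist_decision(src_ip: str, dst_port: int) -> str:
    return evaluate(BLACKLIST, src_ip, dst_port, default="allow")


if __name__ == "__main__":
    # A brand-new, unknown source is the interesting case: the whitelist rejects it,
    # the blacklist lets it through because nobody has flagged it yet.
    for ip, port in [("203.0.113.5", 443), ("203.0.113.5", 22), ("8.8.8.8", 80)]:
        print(f"{ip}:{port} whitelist={whitelist_decision(ip, port)} "
              f"blacklist={blacklist_decision(ip, port)}")
```

The upkeep cost the article mentions shows up here too: a legitimate new site is denied by the whitelist until an administrator adds a rule for it.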
