Firewalls are used to protect a network's data and resources from outside access and threats. A Firewall is used as a barrier between a internal network of an organization and another network (may be public internet or another network of the same organization).
Since the primary function of a Firewall is to protect a network's data and resources from outside threats, they are usually placed at the end point of a network.
A firewall can be a dedicated Hardware device, or Software running in a computer.
Firewalls can be configured with "rules". Firewall rules can be used to allow/deny network traffic from/to the network. These rules can be based on Source/Destination network, Source/Destination IP Address, Source/Destination TCP/UDP port numbers, Protocols, Applications etc.
Following image shows a Cisco ASA 5520 firewall device.