There are 65535 possible entry points and 65535 possible exit points from your network – browsing the internet (HTTP) is just 1. Others you may have seen include HTTPS and FTP.
A properly configured firewall can restrict these exit points to only ones that you need (e.g. HTTP and HTTPS) and more importantly can block all entry points so that anything from outside your network is prevented from coming in uninvited. By blocking these entry points, viruses and malware cannot even start the process of finding weaknesses.