Computer Firewalls

An article on what a computer firewall is and why you need one

What is a firewall?

Fire wall - a fireproof wall used as a barrier to prevent the spread of fire.

A firewall in the computing world is a tool (software or hardware) that protects a network or an individual computer from unauthorised connections.

Most devices such as broadband routers and modems have built-in firewall features that prevent unauthorised connections originating from the internet. Personal firewalls, or software firewalls are installed on individual computers to prevent unathorised access from any wired or wireless network that they connect to.

Think of a firewall as a security gate with security guards that check the pass of anyone trying to gain entry. Not having a firewall would mean that anyone could come and go as they pleased.

Why do I need one?

The internet is a large network of interconnected computers and there are a lot of malicious users and software out there. Tests have proven that a Windows PC with no security software installed was, on average, infected with computer viruses and malicious software (malware) within minutes of being connected to the internet.

One of the best ways of making your personal computer more secure when connected to any network is to install a personal firewall.

The role of the firewall is to block all traffic to and from your computer, EXCEPT any traffic that you have given permission to pass.

Think of Gandalf from Lord of The Rings uttering: "Thou shall not pass!", then mumbling "unless I specifically say so" under his breath.

How does it work?

Personal (software) Firewalls

By default most firewalls start by blocking all traffic and every time a program on your computer tries to connect to the internet the firewall will ask you if it should allow it to connect. You can say yes or no and the firewall will allow or block access for that program.

Of course the program can ask again and again and again, which will soon become a pain in the preverbal. If you really trust that particular program then you can tell the firewall to remember your answer so it won't bother you again (unless you update that particular software that is, because changed software looks new to the firewall so you have to go through the process again).

Over time the firewall will learn which programs you trust and which you don't and it will keep a list of each. If you change your mind at any point you can always edit these lists using the firewall menu options.

Hardware Firewalls

Hardware firewalls and the firewalls built into broadband routers are similar to personal firewalls except that they block connection types rather than individual programs.

By default any incomming traffic that wasn't initiated by you is blocked. All other traffic is let through based on rules set in the firewall, which can be configured by you. Rules such as blocking ftp traffic, allowing bittorrent but only to one port (a port is a software connection labelled with a number).

A hardware firewall on its own is not adequate security because malicious software that is already on your computer could initiate a connection and the hardware firewall will quite happily let it past (which is why I recommend installing a personal firewall).

Where can I get one?

Most Microsoft Windows PCs from XP SP2 onwards come with a personal software firewall called Windows Firewall, which can be found in the Control Panel. The introduction of the Windows Firewall was seen as a step forwards by the personal computing security community, however the Windows Firewall is far from perfect and does have it's limitations, but it is a good start and is certainly better than nothing.

Most anti-virus and computer security software companies offer a personal firewall solution, and there are a lot of good ones that are free. To find one that is best for you do your research and find out which one others in your community recommend or which ones have the best feedback online.

Once you have chosen a personal firewall follow the instructions to install it. After installation the firewall will run in learning mode, where it learns which programs you trust and which you don't by asking you questions as each program requests access. After a while you will forget it's there other than during the occasional notifictaion or permission request.

How do I set it up?

I tend to recommend to people to install their chosen personal firewall in conjuction with the Windows Firewall. Most require you to disable the Windows Firewall or do it for you, but the ones I use don't, so you are adding to your security.

The second part of this article is coming soon..

Article last updated: 19th september 2010