There are two common types of firewalls; hardware and software. The purpose of both is to protect your computers and devices from invasion, viruses and other malware. A firewall alone is not adequate defense viruses and malware, but is (in most cases) your only defense against hackers and intrusion.Software Firewalls
A software firewall such as Windows Firewall, which is included with Microsoft Windows, are a critical part of your defense against viruses and hackers. It is especially vital for portable computers (laptops and netbooks), that may be using someone else’s internet connection (wireless or wired). It is probably your only defense against intrusion when away from home or work.
In my opinion, software firewalls and antivirus / anti-malware alone are not good enough for these, and other reasons;
- Any firewall, antivirus or anti-malware software is contained within your computer. The intruder has to already be inside your computer before the software can examine it to see if it might be harmful.
- Viruses and malware must be identified by the security software developers, who then have to develop a defense, which then has to be added to your computer via an update. You could get a virus before this can all take place. By the way, this is a big part of how security software developers find out about new viruses, by their customers getting viruses. Yes, there are proactive programs that look for suspicious behavior in your computer to identify a possible virus, but if those really worked, we wouldn’t be getting viruses at all anymore.
- Constantly checking for updates for all the softwares on your computer slows it down, so many users end up either turning off the automatic updates, or setting them to check for updates in the middle of the night when their computers are actually turned off.
- The average computer user is unaware of the issues above and trusts the software firewall / antivirus to protect their computer, and doesn’t consider the very real need to use other forms of protection.
A hardware firewall, for the average home or small business user, usually comes as a built-in function of a router, wireless or wired. When choosing a router for your home or office, you should look for a model that includes a firewall, the additional cost is minimal and the benefits are great. Most modern firewalls use two functions by default to help provide defenses against intrusion and malware;
- Stateful Packet Inspection (SPI) is a function of a firewall in which it keeps track of the “state” of a connection. If you click on a link, and in doing so, ask for a response from a website or another computer or device, the firewall allows the response to come back in from the outside, because you asked for it. If that same website or computer (outside the firewall) tries to send your computer something that you didn’t ask for, it does not allow that to come through.
- Network Address Translation (NAT) is a function of a firewall whereby the IP addresses of the computers or devices on the inside, are hidden from those outside the firewall (the internet). NAT Redirection helps to prevent hackers from being able to “see” your computers and devices at all, if you have a firewall router in your home, you should set NAT redirection to enabled.
MAC Address Filtering
Another, less commonly used function built into most firewall routers is MAC Address Filtering. Although it technically falls more under the heading of access control than internet security, since intrusion from within a network is a very real and common path for viruses and malware to gain access to your computer, I thought it should at least be mentioned here.
- MAC Address Filtering is using a list of computers and devices to either allow only the devices on the list to access the network, or to allow all but the devices listed to access the network. MAC Filtering is more trouble to configure and maintain than most other common firewall features, but it can be a very effective means of controlling who can use your wireless network and when.
Should I Use A Firewall?
Firewalls, both hardware and software, play a vital role in protecting our computers and other devices from intrusion and malware. A comprehensive protection plan for the home or business should include both software and hardware firewalls, and as many other means of prevention as you can practically implement.[amazonautolinks label=”Desktops”]