What’s a firewall?
You might recall that they keep things out… but what exactly?
There are enough third-party firewall software packages out there to cause a nosebleed – but are they worth it?
In this article, we’ll be looking at what firewalls do, whether your OS defaults are ‘good enough’, and how you can make sure you’re set up correctly.
Firewalls come in both hardware and software form. While the hardware firewalls – very often built into your router – provide a great line of defence, in this article we’ll be focussing on optimising the software side of your firewall set up.
At their core, all firewalls are simply computer programs. Their duty? To control and monitor all data travelling into and out of your computer via a network (e.g: the Internet or your workgroup).
However, firewalls don’t influence the internal runnings of your machine or non-network data transfers like connected USB peripherals. They serve only as a gatekeeper between your computer and the outside world.
When a program (for instance, a web browser) requests for data to be transferred to or from your computer from the Internet or local network, your firewall quickly decides (based on certain rules) whether or not it will allow the transfer.
With little to no exceptions, all computers that are connected to the Internet should be protected by a firewall.
Before you rush out to download a third-party firewall utility, though, realise that Windows and OS X operating systems have removed some of the hassle by including their own firewalls by default.
Unlike many other bundled features, these built-in firewalls should be plenty adequate for a significant amount of users. An additional firewall program is, in many cases, an overkill.
However, let’s look at how firewalls differ, and whether or not it’s worth grabbing a dedicated firewall utility.
Inbound vs. Outbound Protection
The built in firewall in your router typically only offers ‘inbound’ protection – i.e. requests made to your computer from the outside world.
Outbound protection, found in most software firewalls like OS X or Windows’ bundled defaults, filters requests from within your machine (as in the web browser example before).
Inbound prevention serves as a more preventative measure, trying to stop malicious requests coming to your machine from outside and preventing malware infections or other compromises.
Outbound protection takes an approach more akin to ‘damage control’: preventing existing malware from sending data outside the machine.
The former type of firewall is often included in antivirus security suites for this reason – it provides an extra defence in the event that malware is actually present on your system.
What do Windows users need to do about enabling Windows Firewall? Nothing at all! It’s enabled by default. Since Windows 7, the built-in firewall provides very respectable protection with its default settings. (Of course, if you’re still concerned, you can always increase the default levels.)
However, Mac users should note that OS X’s built-in firewall is actually disabled by default – and there is some debate over whether it’s necessary for Mac and Linux users to bother with enabling them at all. If you want to play it safe, though, here’s how to enable and configure your OS X firewall.
Third-Party Firewall Software
All this talk of built-in firewalls begs the question: do you ever need to turn to third-party ones? Well, it depends!
Third party firewall apps tend to be more “vocal’ than their built-in counterparts, offering more alerts and confirmations when allowing programs through. Depending on your preferences, you might find this irritating… or reassuring!
The main benefit of third-party firewall software, however, is the greater control it gives you over advanced settings. These settings are already present in Windows and OS X Firewall, but accessing them can be tedious (particularly for Windows users).
Many firewall packages, on the other hand, have perfected the art of a nice user interface and can be great for power-users and quick setting changes.
Those who prefer some DIY might prefer to take a look at the Advanced Windows Firewall settings.
In short: you should probably be running a firewall – and you probably already are. Windows and OS X have you covered out of the box, but you might need to do some tweaking if you want more than the defaults (particularly with OS X).
Third party firewalls won’t necessarily offer you better protection, however they’ll usually make it easier to tweak settings and quickly customise your firewall setup. It’s your call!