Home > Articles > Security > General Security and Privacy

  • Print
  • + Share This

Software-only Personal Firewalls

Numerous shareware and freeware products occupy this niche, as well as an assortment of fully commercial software products in the $20 to $100 range from vendors like Symantec, McAfee, ZoneAlarm, NetworkIce, and so forth. Basically, you install a personal firewall software package on a machine that's hooked up to the Internet, and it inspects inbound (and sometimes, outbound) traffic between that machine and the Internet. If you have a network, this machine acts as a perimeter device for the rest of the network, which means that all inbound and outbound network traffic to and from the Internet must go through this machine in order for the firewall to do its intended job. As networks get bigger, or traffic volumes increase, acting as a firewall consumes an increasing share of that machine's computing resources.

Most software-only personal firewalls are pretty basic and offer routine forms of firewall protection, including the following features (some of these may or may not apply to all such products, but this is a reasonable set upon whose presence you should insist, or select another product):

  • Be reasonably easy to set up and install, with reasonably secure default settings. For more information on comparisons and reviews, check out the Home PC Firewall Guide, which does as good a job covering this product category as any other site I know of on the Internet.

  • Perform screening on the basis of specific incoming IP addresses (or portions thereof, particularly the network address portion), protocols, or port addresses (to which specific Internet services are often linked). This applies to outbound traffic as well as inbound, and provides a particularly effective way to deny or deflect unwanted attention.

  • Offer "stateful packet inspection," which means that higher-level scans and attacks (which typically occur over the course of multiple packets) can be detected and deflected.

  • Recognize and report on well-known attack signatures (such as port scanning), so that you can detect (and the software can elude) potential penetration attempts.

  • Be updated frequently enough to take cognizance of new security vulnerabilities or documented exploits. What good is a firewall that isn't able to deflect well-known attacks, even new ones? Here again, comparative reviews like those found at the Home PC Firewall Guide will come in handy.

In addition, many of the commercial products incorporate such niceties as network address translation (NAT, which lets you use special private IP addresses inside your network that cannot be spoofed or used at all on the public Internet), anti-virus checks, more advanced intrusion detection and intruder identification features, and so on and so forth. As with so many other software products, the more you pay, the more bells and whistles you're likely to acquire in your purchase.

  • + Share This
  • 🔖 Save To Your Account

Related Resources

There are currently no related titles. Please check back later.