The basic idea of a firewall is to regulate the traffic and provide controlled flow of data between different zones of trust (i.e. between your computer and the Internet for example). A network administrator or needs to understand the basic understanding of network protocols and computer security while using a firewall failing which may result in a firewall acting as a useless security tool. Fortunately, a lot of products on the market allow you to set up firewalls on your own PC (aka "Personal Firewalls) or on your home network without much of the hassle - some of them just need to be plugged in or installed and you can leave it at that.
If you do not understand the basic workings of a firewall though, you may stop the important incoming connections (i.e. incoming digital calls from Skype or Yahoo) or cookies from being installed. I made the same mistake when I installed Zone Alarm (www.zonelabs.com) on my system. When I changed the firewall settings, it stopped accessing my hotmail account. Every time when I logged on to my account and clicked on the message it again asked for my username and password. Trust me, it is really very irritating. I had to uninstall and again re-install the firewall since the default settings were terribly disturbed and I had no idea how to reset them. (Note: it really isn't that bad, normal users shouldn't have a problem unless they mess around too much with the default settings :) )
Firewall Options
You can usually choose from a software or hardware firewall. Hardware firewall costs not more than $100 and is more robust. It comprises of a router, firewall and an Ethernet hub for broadband connections. They are good choice for home networks that connect to the internet (and are usually provided by your Internet provider). These require installation and wiring at user end. On the other hand, software firewalls are a good choice for standalone single PCs but they come in expensive. They work well with all Windows platform. Note that Windows XP and Windows Vista have inbuilt firewalls and you may not need an external firewall especially if you only have a single PC in your home.
I have Zone Alarm installed on my system although I use Windows XP. It is usually recommended to use only one firewall as the settings may conflict with each other. But so far, I have not noticed any unusual behavior.
Other common firewalls include:
- Kerio Firewall (www.kerio.com, Software) is another good alternative to ZoneAlarm and essentially has the same features. Sometimes, I try uninstalling one then installing the other just to see what happens. They both have free editions for personal use and can be downloaded easily from the Internet. Both of them are pretty user-friendly and can protect your pc right after installation.
- Cyberoam (www.cyberoam.com) is a good hardware firewall that provides identity based protection. It provides security by providing access control, user authentication, and network and application-level protection. It blocks sites and links that are known spyware, phishing, pharming generators and reduces the attack incidence, forming a powerful defense in combination with Cyberoam’s pre-integrated anti-spam solution.
- Barracuda firewall is also a good option that is an integrated hardware and software solution for protection of your email server. It provides protection against spam, virus, spoofing, phishing, spyware simultaneously. It is a good choice for small business enterprise or corporates as it can handle up to 30,000 active email users.
- Netscreen firewall (www.juniper.net, Hardware) provides ICSA certified stateful inspection internet firewall that disallows hackers from SYN attack, ICMP flood, Port Scan, and others.
- Be sure to read about the top-rated software: Comodo Internet Security Pro, Online Armor Premium and Kaspersky Internet Security.
Quick test of your Firewall
After installing the firewall, I performed the Shields Up! Port Test (www.grc.com). The GRC Internet Security Detection System scans on request the user's computer for deficiencis in your firewall - even checking for the usual Windows file sharing problems - and reports vulnerabilities that if finds.
One thing nice about this is that these tests show how your PC would look like from other people on the Internet - it can tell you if you are wide open (to possible attack) or are secure enough for the Internet. In some cases, you can be so secure that other computers may not even see you unless they know you are there (stealth mode). Check out that site now on your PC and see what results you get! :)