Firewalls & You!
A firewall is a dinky little device or software that sits between your computer and the network connecting it to other computers. In layman's terms, it keeps the bad stuff out and prevent the bad guys from getting to all the good stuff in your hard drives.
Firewalls prevent network intrusion by malicious parties by blocking off access to your computer. They allow access only through a few select ports. Even data that goes through those few open ports are inspected. Think of ports as doors. By limiting the number of open doors and guarding the few doors that are open, firewalls make it that much harder for an intruder to get in.
Firewalls also look for signs of intrusion and when they find them, they secure the network by locking it down. For example, if a PC keeps sending out packets at a absurd rate on a weird port, a good firewall will lock it down and flag the computer as flooding the network.
However, firewalls are both good and bad. In a way, they are kind of like girls. You can't live with them, you can't live without them. But just like with most women, once you come to some kind of understanding or compromise, it becomes a lot more easier.
Of course, just like any woman, you'll probably have to think well before you decide which firewall to use. Take the time to select your firewall that suits your needs because it is the main thing that will keep your computer safe from dastardly intruders on the Internet.
When it comes to firewalls, there are generally two kinds - a dedicated hardware firewall, and a software firewall. Hardware firewalls are entire standalone units or part of a router, and run on their own processor. Software firewalls, on the other hand, are installed into your PC, using the CPU to process its data.
The most effective solution is of course to have both hardware and software firewalls. A hardware firewall would act as a border guard between your local area network and the Internet, while a software firewall residing on your PC would serve as an additional layer of protection.
So, what's the catch? Well, hardware firewalls cost considerably more money and they're pretty hard to configure, with their complexity and all. Fortunately, the configuration process is pretty much a one-shot affair. Software firewalls are easier to set up by comparison. So, why bother with hardware firewalls, and what should you look for in one?
Basic Level Selection
A basic hardware firewall is what you get with most routers. What you should look for, above all else, is a simple but powerful interface. No, its features aren't really important since even the most basic firewalls have enough features to protect your network from most attacks.
Remember, getting the best out of a firewall isn't going to be easy when its interface is indecipherable. When it comes to basic firewalls, you pretty much want to keep the interface as easy as possible to use, with as many options as possible.
I've personally used a few routers, but my favorite has to be the Linksys WRT54G (V2.2). The other versions are fine, but only this and the earlier version (as well as the L version) allow you to use custom firmware like DD-WRT and Sveasoft which add tons of nice features.
I also like the SMC Barricade for its slick and easy-to-use interface. Well, these are just some recommendations, of course. I suggest you check out the interfaces of the routers you are interested in, before settling on one.
If possible, buy a router from a manufacturer that uses open source firmware. This is because having an open source firmware allows it to be easily modified or rewritten to improve its functionality. For example, the WRT54G's modified firmware gave me QoS (Quality of Service), WPA2 encryption, better routing and so many more features not found in the standard firmware.
Advanced Level Selection
If you are really hardcore about security and won't bat an eye at paying $400-600 for a hardware firewall, then you've come to the right place. Paying so much gets you enterprise solutions like the PIX501, the 3Com OfficeConnect VPN firewall and the Juniper SSG5. These are extremely powerful routers that eat through traffic like nobody's business, and their firewall is far more powerful than your basic router firewall.
If you can afford such a firewall, you probably know what you're doing anyway. What you should look for will be the levels of transparency afforded by the firewall. The less intrusive they are, the easier they are to run and integrate into the network.
Another concern would be the firewall's ability to peek into traffic. Most firewalls come with SPI (Stateful Packet Inspection), but a good one should come with DPI (Deep Packet Inspection) which allows the firewall to peek at the packet's data contents rather than just header. When coupled with a signature database and basic pattern detection, DPI can hunt down viruses, spyware and other intruders even before they enter. Now, how's that for security?
But let's not get too deep into what such expensive routers can do. They are personally too expensive for my blood. So, let's move on to the hassles of configuring a firewall, a few potential pitfalls and some neat tricks!
<<< Task Manager, Windows Event Viewer : Previous Page | Next Page : Configuring Your Firewall, MAC Filtering >>>