What is a Firewall?
Khalid
A computer or device on a network that manages network resources. For
example, a file server is a computer and storage device dedicated to
storing files. Any user on the network can store files on the server. A
print server is a computer that manages one or more printers, and a
network server is a computer that manages network traffic. A database
server is a computer system that processes database queries.
Servers are often dedicated, meaning that they perform no other tasks
besides their server tasks. On multiprocessing operating systems,
however, a single computer can execute several programs at once. A
server in this case could refer to the program that is managing
resources rather than the entire computer.
Firewalls protect your system
If you spend a lot of time on the internet and you are not behind a
firewall, then you are living on borrowed time. Putting some protection
between you and the internet is probably the third most important thing
that you can do (after getting virus checking software and performing
regular backups).
The diagram to the left shows an unprotected system using a DSL modem.
As you can see, someone on the internet can attack the computer system
easily as the DSL modem provides no protection (some DSL modems have
built-in firewalls). An attacker can get through any type of modem -
DSL, cable, 56K, 28.8 or whatever. If the device gets you on the
internet, you are vulnerable.
For those with a DSL, cable modem or other "always-on" connection, you
MUST get a firewall. This is critical, as your machine is always live
and it most likely has a fixed IP address. This makes it easier for
your system to be "found" and attacked.
What a personal firewall does is isolate your computer from the rest of
the internet. It does this by inspecting each packet of data to
determine if it it should be allowed to get to (and in some cases from
your machine.) The best protection completely hides your computer -
this is called stealth mode.
You have the option of installing a software firewall or a hardware
firewall.
Software Firewall - A software firewall runs on your computer system in
the background. It intercepts each network request and determines if
the request is valid or not. Software firewalls offer the following
advantages:
They are generally very inexpensive
They are very easy to configure
They have the following disadvantages:
Since they run on your computer they require resources (CPU, memory and
disk space) from your system.
They can introduce incompatibilities into your operating system.
You must install exactly the correct version for your operating system.
You must purchase one copy for each system on your home network.
Hardware Firewall - A hardware firewall is generally a small box which
sits between your computer and your modem. In general, hardware
firewalls have the following advantages:
They tend to provide more complete protection than software firewalls
A hardware firewall can protect more than one system at a time
They do not effect system performance since they do not run on your
system.
They are independent of your operating system and applications.
They have the following disadvantages:
They tend to be expensive, although if you have a number of machines to
protect it can cost less to purchase one hardware firewall than a
number of copies of a software product.
Since they do not run on your computer, they can be challenging to
configure.
Firewall mixture - In my mind, the best protection is a combination of
both hardware and software firewalls. This is the ideal, since both
have different advantages and disadvantages. Personally, I use a
SonicWall hardware firewall combined with ZoneAlarm Pro, which is
installed on my Windows 2000 Professional system. The SonicWall
protects my home network since it sits between the hub and the DSL
modem, and ZoneAlarm Pro offers some additional protection for each
system.
Testing Your Firewall - To test your firewall, surf to
http://www.grc.com and request a probe. You will be given a very good
report of exactly what issues were found and what to do about them.
Once the probe is finished several excellent personal firewall products
are recommended. My personal favorite is ZoneAlarm Pro, primarily
because it's protection is excellent and it is trivial to use.
Some Firewalls - A selection of personal firewalls is listed below.
ZoneAlarm Pro - By far the best software firewall available. ZoneAlarm
offers protection from both incoming connections and outgoing
connections. It is also extremely easy to configure, has low system
impact and is very inexpensive (a free version is also available).
Norton Internet Security 2001 (which was the AtGuard product from WRQ
until a few months ago). Norton is a reasonable firewall, although it
does have some vulnerabilities. It offers weak protection from outgoing
connections and is somewhat difficult to configure if you want it to
operate differently from the default.
BlackIce - An okay choice in firewalls. Much easier than Norton to
configure, but with the same vulnerabilities.
What I've done on my system is:
Used a SonicWall hardware firewall to protect my entire home network.
Installed ZoneAlarm Pro on each system to provide additional safety
And installed Norton Internet Security for it's privacy protection.
Due to the rapidly changing nature of the internet, it's very important
to be continually monitoring security issues. You may purchase the
perfect personal firewall today, only to find out in six months that
it's been hacked to pieces. So be sure to be looking around, and be
ready to get a newer and better product quickly. This is not one of
those issues where you can scrimp and save. Your system is at risk.