A firewall looks for and attempts to stop forbidden communications between two computers. Firewalls work by examining each piece of traffic entering or leaving the network and blocking any that does not meet specified criteria. If the communication is an allowed type (for example, Windows passing your user name and password to the company network during login), the message is allowed through. If the communication is unrecognized (for example, a virus attempting to impersonate Lotus Notes but really sending your password out to a hacker), the traffic can be stopped.
There are two kinds of firewalls: "personal" or software firewalls and "network" or hardware firewalls.
- Software firewalls are relatively easy to install and provide good protection. They filter traffic entering or leaving a single computer. Software firewall programs (such as ZoneAlarm, Norton or Comodo) can be downloaded from the Internet and may be available in a free version for home users. (Note: If your home computer's operating system is Windows XP or Vista, it has a built-in software firewall, but Windows has not traditionally performed well in benchmark comparisons. Most security experts recommend replacing or at least supplementing the Windows firewall.) For more on personal firewalls and how they work, see the first page of this article.
- Hardware firewalls require you to buy and connect a separate piece of equipment, but they provide stronger protection. They plug in between your internet connection (such as the cable-modem or DSL line) and the computer. Hardware firewalls are often built into routers, allowing multiple computers to share a single, protected connection to the internet. Hardware firewalls often also have the ability to perform network address translation (NAT), which hides the specific IP address of your computer and makes it much harder for a hacker to launch an attack against you. Hardware firewalls are available at many electronics retail stores, usually starting at $50-$75.
CERT (the Computer Emergency Readiness Team) strongly recommends the use of hardware firewalls, especially if you have a broadband or "always on" connection. See "Before You Connect a New Computer to the Internet" for more information.
Some firewalls will display a pop-up box asking if you want to allow the message. If you see one of these pop-ups, never allow the traffic unless you are sure that you know exactly what it is doing. Remember, the firewall won't do any good if you give permission for the virus to send out your password.
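The decision described above can be sketched as a simplified model; this is an added illustration, not code from any firewall product. It assumes the firewall identifies a program by a hash of its file rather than by its name, and the class, rule fields, sample byte strings and port number are all constructed for the example.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    program_sha256: str   # identity of the executable file, not its display name
    direction: str        # "out" (leaving the computer) or "in" (entering it)
    remote_port: int
    action: str           # "allow" or "block"

def fingerprint(executable_bytes: bytes) -> str:
    """Hash the program's file contents so a look-alike cannot reuse a trusted name."""
    return hashlib.sha256(executable_bytes).hexdigest()

class PersonalFirewall:
    def __init__(self, rules):
        self.rules = list(rules)

    def decide(self, executable_bytes, direction, remote_port, ask_user=None):
        """Return 'allow' or 'block' for one connection attempt."""
        fp = fingerprint(executable_bytes)
        for rule in self.rules:  # first matching rule wins
            if (rule.program_sha256, rule.direction, rule.remote_port) == (
                fp, direction, remote_port
            ):
                return rule.action
        # Unrecognized traffic: this is the point where a pop-up would appear.
        # Only an explicit "yes" from the user lets the traffic through.
        if ask_user is not None and ask_user(fp, direction, remote_port) is True:
            return "allow"
        return "block"

# Constructed sample data: byte strings standing in for two executables' files.
MAIL_CLIENT = b"constructed bytes standing in for the real mail client"
IMPERSONATOR = b"constructed bytes for a program that only reuses the name"

# One rule: the real mail client may connect out to sample port 1352.
FIREWALL = PersonalFirewall([
    Rule(fingerprint(MAIL_CLIENT), "out", 1352, "allow"),
])
```

Calling `FIREWALL.decide(IMPERSONATOR, "out", 1352)` returns `"block"`, but the same call with a user who clicks "allow" returns `"allow"`, which is exactly the failure the pop-up warning above describes.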