Home Computers - Software Firewalls

Home Computers - Software Firewalls
	First created:	03/18/2005
	Last modified:
	Revision number:	2
	Trackback URL:
		Back to Home Page

A software firewall has two functions. First - to stop inbound traffic that you don't want. Second, well, to stop outbound traffic that you don't want. There are quite a few online port scanners that will look at your computer and tell you which ports you have open. Be careful of these as they may be e-mail address harvesting schemes or might put spy/adware on your computer.

There are two types of firewalls, one is a piece of software that you load on your computer "personal firewall". The other is a "little black box" that sits in between your computer and your internet connection. Windows XP (with SP1) has a built in firewall, and it is adequate in most cases. Some Win XP users still use a separate personal firewall due to extra features included in most of them. Most home users (that have one single computer) will use a software firewall. It is important to note that a personal firewall can enforce "application permissions" and a hardware firewall cannot - that is the main advantage. This means you can control your computers access to the internet by PROTOCOL and BY APPLICATION (Word, Excel, Lotus, Acrobat, etc...). I've done this with Zonealarm and Sygate in the past and now I am using the Windows firewall.

I would recommend two firewalls - a personal software and a hardware one. The hardware firewalls are very effective at blocking all inbound traffic and are very low cost.

ZoneAlarm free version - has what most consumers need. In the past, I have used it to control my email access. I restricted my email program (Outlook and Outlook Express) with it. I would only allow Outlook to communicate with my email servers - nothing else. This stopped the web bugs. I had to turn off ZA when I wanted to see external graphics in a email message. Now that I am running Outlook 2003, I don't need ZA anymore as OL2003 stops external graphics with a much better method.

ZoneAlarm Pro version 2 - $50 - advanced consumer product. The pro version has many more features that address other concerns. At work, we have a VPN setup and use ZA Pro on the remote end, this allows tighter control.

Kerio (I did run Tiny firewall about two years ago, but this software has been upgraded and acquired since then). For someone who likes to 'get under the hood' - get this. It should allow you to make rules for specific IP address and ports. You can do this with Zonealarm Pro, but it is a little harder to setup. I've used this in a handful of situations.

Sygate personal firewall - This is used by some people. It seems adequate. I can't say if it is good or bad.