Saturday, March 12, 2011

Firewall and The Choices

Firewalls make it possible to filter incoming and outgoing traffic that flows through your system. A firewall can use one or more sets of “rules” to inspect the network packets as they come in or go out of your network connections and either allow the traffic through or block it. The rules of a firewall can inspect one or more characteristics of the packets, including but not limited to the protocol type, the source or destination host address, and the source or destination port.
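
The rule matching described above can be sketched in a few lines of Python. This is an added example, not code from any firewall product or from the sources this post draws on; the Packet and Rule classes, the 192.168.1.0/24 home network and the sample packets are all assumptions made up for the illustration. It shows two things the paragraph does not spell out: the first matching rule wins, so rule order matters, and traffic that matches no rule gets a default action (here, block).

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    direction: str               # "in" or "out"
    proto: str                   # "tcp", "udp" or "icmp"
    src: str
    dst: str
    dport: Optional[int] = None

@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "block"
    direction: str = "any"
    proto: str = "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (self.direction in ("any", p.direction)
                and self.proto in ("any", p.proto)
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and (self.dport is None or self.dport == p.dport))

def evaluate(rules, packet, default="block"):
    """First matching rule wins; unmatched traffic gets the default action."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return default

# Constructed rule set for a home LAN on 192.168.1.0/24 (assumed addressing).
RULES = [
    Rule("block", "out", "tcp", src="192.168.1.0/24", dport=25),  # no direct SMTP from the LAN
    Rule("allow", "out", src="192.168.1.0/24"),                   # all other outbound traffic
    Rule("allow", "in", "tcp", src="192.168.1.0/24", dst="192.168.1.10/32", dport=22),
]

# Constructed sample packets; 203.0.113.7 is a documentation address standing in for an outside host.
SAMPLES = [
    Packet("out", "tcp", "192.168.1.20", "203.0.113.7", 443),
    Packet("out", "tcp", "192.168.1.20", "203.0.113.7", 25),
    Packet("in", "tcp", "203.0.113.7", "192.168.1.10", 22),
    Packet("in", "tcp", "192.168.1.20", "192.168.1.10", 22),
]

if __name__ == "__main__":
    for p in SAMPLES:
        print(p, "->", evaluate(RULES, p))
```

Swapping the first two rules would let the outbound SMTP packet through, because the broad allow rule would match before the narrower block rule is ever checked.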

Firewalls can greatly enhance the security of a host or a network. They can be used to do one or more of the following things:
• To protect and insulate the applications, services and machines of your internal network from unwanted traffic coming in from the public Internet.
• To limit or disable access from hosts of the internal network to services of the public Internet.
• To support network address translation (NAT), which allows your internal network to use private IP addresses and share a single connection to the public Internet (either with a single IP address or by a shared pool of automatically assigned public addresses).

A personal computer connected to the Internet without a firewall can be hijacked and added to an Internet outlaw's botnet in just a few minutes. A personal firewall can block malware that could otherwise scan your computer for vulnerabilities and then try to break in at a weak point.

The only way to make a home computer 100% secure is to turn it off or disconnect it from the Internet. The real issue is how to make one 99.9% secure when it is connected. At a minimum, home computers need to have personal firewall and anti-malware software installed and kept up-to-date to find and remove viruses, spyware, Trojans and other malware. A home network that uses a wired or wireless router with firewall features provides additional protection.



Home PC Firewall Choices

Choices -- Your choices include using the firewall built into Windows, using a third party product, choosing an Internet security suite that includes a firewall, and/or using a hardware firewall router or gateway.

Microsoft Windows Firewall -- The Windows 7, Vista and XP Service Pack 2/3 operating systems have firewalls built in that are turned on by default to block threats from the Internet. You should leave this feature turned on until you replace it with third-party software and/or hardware.

Two-Way Third-Party Personal Firewall Software -- These firewalls block both incoming and outgoing threats. A computer may have outgoing threats when it becomes infected with a virus, Trojan horse or spyware. A challenge for this type of firewall is to distinguish between threats and legitimate software. Three common ways to address this are for the vendor to include a list of safe software for the firewall to check [white list], a list of malware to block [black list], and/or a pop-up alert asking the user what to do [better for experts].

Hardware Firewalls -- A hardware firewall is usually a small box that sits between a modem and a computer or network. The firewall is based either on "network address translation" (NAT), which hides your computer from the Internet, or on NAT plus "stateful packet inspection" (SPI) for more protection. There are three basic types of hardware devices that include firewalls for home users: wired routers, wireless routers, and broadband gateways. They are inexpensive enough to be used with one computer and can also be used to create a home computer network. They can be used in addition to a software firewall on each computer because they run on a separate box, which prevents most compatibility problems.

Software firewalls

Advantages:
• Does not require additional hardware.
• Does not require additional computer wiring.
• A good option for single computers.

Disadvantages:
• Additional cost: Most software firewalls cost money.
• Installation and configuration might be required to get started.
• One copy is typically required for each computer.

Hardware routers

Advantages:
• Hardware routers usually have at least four network ports to connect multiple computers together.
• Provide firewall protection for multiple computers.

Disadvantages:
• Require wiring, which can clutter your desktop area.

Wireless routers

Advantages:
• Wireless routers allow you to connect computers, portable computers, personal digital assistants, and printers without wiring.
• Wireless routers are excellent for connecting notebook computers to the Internet and networks.

Disadvantages:
• Wireless devices broadcast information using radio signals that can be intercepted by someone outside of your home (if they have the right equipment).
• You might have to pay for extra equipment.
• Not all wireless routers come equipped with a built-in firewall, so you might have to purchase one separately.



