The purpose of a firewall is to provide protection against outside attackers by shielding your computer or your network from unnecessary or malicious traffic, usually from the Internet. In general firewalls are capable of blocking traffic from certain locations while allowing legitimate traffic through. Firewalls are especially important where a computer or network uses an “always on” connection like DSL.
Firewalls come in two forms: hardware and software. Hardware firewalls are external devices that are normally positioned between your computer or network and your Internet connection. In the case of home users, your Internet Service Provider may have provided a device described as a “router” that incorporates some firewall functionality.
Hardware Based Firewalls
Hardware based firewalls are particularly good for protecting multiple computers but also offer a high degree of protection for a single computer. If you only have a single computer behind the firewall or you can be certain that all of the other computers on the network are up to date on patches and a free from malicious software you may not need the additional protection that can be provided by installing a software based firewall.
Hardware firewalls have the advantage of being separate devices running their own operating systems and as such provide an additional line of defence against attacks. The main drawback of hardware based firewalls is cost.
Software Based Firewalls
Some operating systems provide built in firewall functionality; if the operating system that you are using includes this functionality you should consider enabling it. If your operating system does not provide this functionality there are a number of free, shareware and commercial offerings available. We recommend that firewall (and other security software) is only ever installed from a CD/DVD obtained from a trusted source as this mitigates the risks associated with installing software downloaded from the Internet. If you do want to install security software from the Internet make sure it is from a reputable, secure web site.
Although, it is possible to rely on a software based firewall alone, this is not recommended as having the firewall on the same computer that you are trying to protect limits the firewall’s ability to catch malicious traffic before it enters your system.
What is the best approach?
The best possible approach is to utilize a hardware firewall between your network and the Internet and install (or enable) software based firewalls on all the computers on your network as this will mitigate the effects of attack by external parties and also provide a level of protection against viruses, worms or other malicious software spreading throughout your own network.
Configuration Options
Most commercial firewall products will have a configuration that is acceptable secure for most users but, since each firewall is different, you’ll need to read and understand the documentation that is provided with the firewall to understand whether its default settings are sufficient for your needs.
Be Vigilant
The key thing to remember is not to be lulled into a false sense of security. While firewalls can limit the possibilities for external attacks and software-based firewalls can provide a degree of protection against malicious software spreading throughout your network, firewall provide little or no protection against malicious software that spreads by email (by tricking you into to clicking on attachments) or compromises web sites. Even if you have firewalls installed you should still make sure that your anti-virus software is up to date and that you exercise caution in the websites that you visit.
No comments:
Post a Comment