What exactly is a 'firewall' and why do I need it?
This question was answered on March 4, 2004. Much of the information contained herein may have changed since posting.
In it’s original iteration, a firewall is literally a 'fireproof wall' that keeps fire from spreading from one room to another This protective quality of a firewall is what has translated to the computer world.
The main purpose of a firewall in a computer is to limit access from other computers that are connected through a network Since the Internet is the world's largest computer network, a firewall is an essential component to reduce the possibility of an unauthorized person gaining access to your computer via the Internet.
Notice I said 'reduce' and not 'prevent' access.
Think of a firewall as a 'bouncer' at the door of your personal nightclub (computer) Only those that are authorized (have an invitation) are allowed to pass by the bouncer.
A nightclub with no bouncer has no way to 'filter' patrons as they come in, therefore is less 'secure' by that very fact.
When a bouncer is in place, those that come to the door that are not invited are sent away Those that are already inside get their 'hand stamped' by the bouncer before leaving so that the he knows that they were previously authorized.
But, just as in real life, those that have fake IDs can 'fool' the bouncer, which is another reason that they are not a cure-all for security.
Another mistake that will compromise the security of your nightclub is leaving a back door unlocked and open (the computer equivalent of opening file attachments that are infected), which will circumvent the security at the front door.
Unauthorized patrons can sneak in the back door and once they are inside, they can alert other unauthorized patrons on how to access the 'back door'.
A common misconception surrounding firewalls is that they somehow prevent viruses and worms from attacking your computer.
Most worms and viruses come as an attachment in e-mail, which requires the user to open the infected file Once an infected file is opened, it completely compromises the security created by the firewall It is the equivalent of having the owner of the nightclub override the decision made by the bouncer to keep someone out.
Once the rouge patron is allowed in, they can go open the backdoor to let others in.
There are two general types of firewalls; hardware and software-based.
In general, hardware firewalls are more flexible, more reliable and more effective and more expensive.
Software firewalls can be more complicated to install and configure, can cause problems to your computer because of conflicts with other programs and are easier to get around, but they are generally cheaper (free in some cases).
If you have several computers that you want to safely connect to a high-speed Internet connection, your best bet is to purchase a ‘broadband router’, which acts as both a firewall and a sharing device.
Companies such as Linksys, Netgear, D-link and SMC to name a few, offer products that range between $75 to $150 dollars.
If you only have a single computer and you want inexpensive protection, you can get a free version of ZoneAlarm, which is available at www.zonelabs.com (look for the free version in the 'Direct Links' section on the bottom right of the page).
Remember, software firewalls can be problematic depending upon what else is already installed in your computer and especially if you are already experiencing some other kind of problem, so installer beware!
About the author
Posted by Ken Colburn of Data Doctors on March 4, 2004