Do not operate computers without using firewalls. A firewall protects a computer, or network, through a series of access control policies separating that computer, or network, from other computers, or networks. There are two types of firewalls:
- Software firewall – software running on an individual computer
- Hardware firewall – a dedicated device designed to protect one or more computers.
You should use both a hardware and software firewall.
You should start with a hardware firewall. Hardware firewalls for a home or small business can be as inexpensive as $25, or as expensive as $12,000. You will need to determine how elaborate your firewall should be. For the ordinary home user you need to start with some features as a minimum.
NAT (Network Address Translation): We covered what NAT is earlier in this book. A home firewall should be able to perform a one to many NAT. The firewall should also have the ability to set up a one to one NAT, even if you have no current plans to use this feature. The one to one NAT is a must have for any business.
DHCP (Dynamic Host Configuration Protocol): It was briefly mentioned earlier that this is the service used to assign IP addresses to devices on your network. Ensure your firewall is equipped with an internal DHCP server. This is far less expensive than having a server to do the job, and if you have fewer thirty devise you shouldn’t even consider a separate DHCP server.
Port Management: Any firewall you choose must be able to manage the TCP and UDP ports discussed earlier in this book. If you recall by default the hardware, or network, firewall will close all ports. In addition only standard outgoing ports will be open, for instance internet ports, email ports, ftp ports, along with a few others. Your firewall should give you the ability to close some of these standard ports you won’t be using. The firewall should also allow you to open other ports that may be required for special software, games or devices you would like to use on your network.
Activity Log: The device you choose should be able to track the date, time and activities performed by everyone logging in to make changes. It should also record other activities fielded by your firewall. The firewall log should also be easy to read and decipher.
Graphical User Interface: The firewall should a have simple to follow interface with a context sensitive help button. The firewall you purchase for your home or small business should not require an I. T. professional to configure the basic functions we just went over. Since most small businesses do not have I.T. personnel the initial installation of your firewall ought to be configurable by any lay person with simple instructions in thirty minutes or less. More advanced features might require some reading of the help section. However, it is very reasonable to expect any one of the advanced features to take under thirty minutes to configure the first time you do it.
Now let’s cover software, or personal, firewalls. For most home users of Windows the free firewall included with the operating system is an excellent tool. It has a great deal of resources in your computer’s help section as well as online for configuring the Windows firewall. The Windows firewall does an excellent job at protecting your computer from intruders, malware, and Trojans.
So why would you pay for a software firewall if Windows comes with one for free? The Windows firewall does not check outgoing traffic. This means if you have a virus or Trojan on your machine sending information to the outside world the Windows firewall does nothing to stop this.
There are many excellent firewalls you can purchase separately. Additionally, mentioned in the next section on antivirus software, you can purchase End Point Protection that would include a software firewall. Whichever choice you make be certain the software firewall you choose performs the following functions at a minimum:
- Allows you to set rules blocking incoming traffic.
- Has settings to control outgoing traffic.
- Has a very easy to use interface with plenty of documentation.
- Provides frequent updates.
- Works well with your computer
On the last item, take the time to test the firewall on a free trial to see how well your computer runs with it installed. Use the same criteria for testing a software firewall mentioned in the next section with virus protection software.