Firewalls: A Guide for Normal People (Part 1)

March 1, 2010 - By Ivan A. Vazquez

Firewalls play a crucial role in network and computer security. This article applies to both business and home computer users. More specifically, it was written for everyday, non-geeky computer users, with easy-to-understand explanations of what firewalls do and how they are used.
To increase the likelihood that you’ll read all of the information that you need to better protect yourself online, we’ve broken it down into Parts I and II. We will examine the types of firewalls, their typical functions, and how to determine the best type for you.

What is the best type of firewall for you?

In order to determine what type of firewall is best for you, here are five questions to consider:

  • What features are most important to me?
  • Do I have a history of getting viruses and worms?
  • What other security practices do I employ?
  • How much am I willing to spend on a firewall solution?
  • Do I use many programs that automatically access the Internet?

What if I want a firewall that’s cheap and easy?

For most users, the important part is that firewalls stop bad stuff from getting into their computer. What do firewalls do or have that actually stops this from happening? The average user has several programs that regularly access the Internet, whether they realize it or not. The differences in what firewalls do, and how well they do it, depend on how well users understand them and learn to configure and review them.

Generally, though, users want something that is either free or, at a minimum, cheap. They also want a firewall that has minimal configuration and isn’t a headache to maintain. Advanced options like encryption, ad blocking, cookie digestion and hiding offer greater privacy, but often entail more work on the user’s part. There are trade-offs, as always, but most firewall packages provide interfaces that are simple enough for anyone to install, update, and review. What this means is that firewalls are no longer the sole responsibility of senior network administrators – in 2010, we’re all qualified operators!

What features should I look for in a firewall?

Without going into too much detail as to what these features actually do, let’s at least list the standard options available in personal firewall software:

  • Inbound filtering
  • Outbound filtering
  • Application integrity verification
  • Data encryption
  • Hiding your presence
  • Reporting/Logging
  • Email virus protection
  • Pop-up ad blocking
  • Cookie digestion
  • Spyware protection
  • Laptop protection

Among these features, some of the most important that should be evaluated are: inbound vs. outbound filtering, application integrity verification, and user notifications. These will be discussed in more detail later in this article.

What does Inbound vs. Outbound mean?

Firewalls work by examining packets of data through a variety of filters. They analyze the ports used by the data, the addresses through which the data flows, the data characteristics, and the data protocols and types. That is just enough background to understand inbound vs. outbound filtering.

Inbound filtering refers to the filtering of any incoming data. This is what most people equate with the work of a firewall. However, outbound filtering can be just as important, if not more important, to the security of a system. For example, after installing a firewall like ZoneAlarm for the first time, many a user will notice strange programs trying to access the Internet using unusual ports. These could be malware that nestled into the system through a variety of means. Many people are unaware that such malware is installed.

In the worst-case scenario, this means a user can install a firewall and then “allow” malware through it, letting that malware turn their computer into a zombie or drone under the control of a third party elsewhere on the Internet. Because this type of malware is often not discovered by anti-virus software, the purpose of outbound filtering is to detect these programs and prevent them from doing harm to others. In addition, outbound filtering will notify you of other attempts to access the Internet, such as by spybots and spyware, and thus prevent the leaking of your personal information into the virtual world.
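For readers who want to see the idea in code, here is an added example (not from the original article or from any firewall product) of a toy rule evaluator that compares an inbound-only firewall with one that also filters outbound traffic. The rule format, program names and addresses are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Conn:
    direction: str   # "in" or "out"
    protocol: str    # "tcp" or "udp"
    remote_ip: str
    port: int        # destination port
    program: str     # local program that owns the connection

@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "block"
    direction: str
    protocol: Optional[str] = None  # None matches anything
    port: Optional[int] = None
    network: Optional[str] = None   # CIDR range for the remote address
    program: Optional[str] = None

    def matches(self, c: Conn) -> bool:
        return (self.direction == c.direction
                and self.protocol in (None, c.protocol)
                and self.port in (None, c.port)
                and self.program in (None, c.program)
                and (self.network is None or ipaddress.ip_address(c.remote_ip)
                     in ipaddress.ip_network(self.network)))

def decide(rules, conn, outbound_filtering=True):
    """First matching rule wins; otherwise the default policy applies:
    unsolicited inbound is blocked, unknown outbound prompts the user."""
    if conn.direction == "out" and not outbound_filtering:
        return "allow"   # inbound-only firewall: anything may leave
    for rule in rules:
        if rule.matches(conn):
            return rule.action
    return "block" if conn.direction == "in" else "ask"

# Constructed rules and connections; addresses are documentation ranges.
RULES = [
    Rule("allow", "out", "tcp", 443, program="browser.exe"),
    Rule("allow", "out", "udp", 53, network="192.0.2.0/24"),
]
SAMPLES = [
    Conn("in", "tcp", "203.0.113.9", 445, "system"),            # block
    Conn("out", "tcp", "198.51.100.7", 443, "browser.exe"),     # allow
    Conn("out", "tcp", "198.51.100.66", 6667, "unknown.exe"),   # ask
]
```

Calling `decide(RULES, SAMPLES[2], outbound_filtering=False)` returns "allow": with inbound filtering alone, the unknown program's connection leaves without any notification.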

To what does the term application integrity refer?

Application integrity verification is just a technical name for observing data changes that occur in your installed programs. Just as dermatologists recommend watching moles for color or size changes, users have to do the same with their installed programs. If a major application has changed since the last usage, and you are certain no user or administrator performed an upgrade or patch, it may indicate a potential problem. In many cases, the alert is due to the fact that you’ve just upgraded that particular application. However, it is important to check because, in some cases, a malicious program could have successfully manipulated and changed a legitimate application, without your knowledge.
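The check described above, sketched as an added example (not from the original article): record a SHA-256 fingerprint of every file in a program folder after a known-good install, then compare later. Using SHA-256 is an assumption made here, not a description of how any particular firewall does it, and the folder and file names are constructed.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def snapshot(root: Path) -> dict:
    """Map each file under root (relative path) to its SHA-256 digest."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def compare(baseline: dict, current: dict) -> dict:
    """Report files whose contents changed, appeared, or disappeared."""
    return {
        "changed": sorted(n for n in baseline.keys() & current.keys()
                          if baseline[n] != current[n]),
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
    }

def demo() -> dict:
    # Constructed stand-in for a program folder; file names are hypothetical.
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "mailclient.exe").write_bytes(b"version 1.0 build")
        (root / "plugins").mkdir()
        (root / "plugins" / "spell.dll").write_bytes(b"dictionary code")
        baseline = snapshot(root)   # taken right after a known-good install

        # Same size, different content: a size-only check would miss this.
        (root / "mailclient.exe").write_bytes(b"version 1.0 bu1ld")
        (root / "plugins" / "helper.dll").write_bytes(b"unexpected file")
        return compare(baseline, snapshot(root))

if __name__ == "__main__":
    print(demo())
```

A "changed" entry right after you upgraded that program is expected; one that appears when nobody upgraded or patched anything is the case the article says to check.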

What are user notifications?

Most firewalls have user notifications that can be reviewed in their Graphical User Interface (GUI) or, in some cases, alert you via pop-up windows. These may notify you that something has occurred or request your approval to allow something to go out of or come into your computer. It is possible to watch every transaction and log it, but after the first fifteen minutes of using a new firewall, the novelty is sure to wear off. After that, most users will generally set up automatic acceptance and rejection of certain types of requests that are fairly safe and straightforward in nature.

Well, that’s probably enough information for one firewall lesson. In the second part of our series, we’ll talk about the differences between native OS firewalls and third-party firewall software. We’ll also take a look at why native and free might not be enough. Finally, we’ll take a look at some of the various manufacturers and their firewall products. Until then, surf safely and securely!

Ivan Vazquez, AKA The Reaper, is a CompTIA Security+ certified professional with more than 15 years of experience in the Information Technology universe, who specializes in network intrusion prevention, incident identification and analysis, content management, and vulnerability scanning and analysis. His past experience includes tenures with nationally and internationally-known technology companies. You can follow him on Twitter via @bladestorm61
