When any person or thing can enter your computer at any time, your computer is vulnerable to attack. You can use a firewall to restrict access to your computer and the information inside it.
What does a firewall do?
Firewalls provide protection for your computer or Web site, as Shields shield against malicious software or unnecessary network traffic. Firewalls can be set up to block data from certain areas, while allowing other related and necessary data to pass. These are especially recommended for "always online" web users who rely on wired or DSL modems for Internet access.
What kind of firewall is the best?
There are two types of firewalls: hardware (perimeter) and software (internal). Although each has its advantages and disadvantages, it is much more important to decide to use a firewall than to decide what type of firewall to adopt.
Hardware firewall:
Often called network firewalls, the locations of these peripherals are located between your computer or your network and your wired or DSL modem. Many vendors and some network service providers (ISPs) offer devices called "routers" that also include firewall capabilities. Hardware-based firewalls are especially designed to protect multiple computers, but also provide a high degree of protection for a single computer.
If you have only one computer behind your firewall, or if you can make sure that other computers on your network are constantly patched and protected from viruses, worms, or other malicious code, you don't need to install additional software firewalls to protect them. Hardware-based firewalls have the advantage of having independent devices running their own operating systems, so they provide additional defenses for defensive attacks. Their drawback is the cost, but now there are many products priced at less than 100 dollars (or even less than 50 U.S. dollars)
Software firewall:
Some operating systems contain built-in firewalls; If you are, then consider adding a layer of internal firewall protection at the same time as an existing external firewall. If you don't have a built-in firewall, you can get a firewall software from a local computer store, software provider, or ISP at a relatively small or even 0 cost.
Because there is a risk associated with downloading software from the network to an unprotected computer, it is best to install the firewall software from CDs, DVDs, or floppy disks. Although relying on only one software firewall can provide some protection, knowing that firewalls are on a single computer with the information that needs to be protected weakens the firewall's ability to capture malicious data before it enters the computer.
How do I know which configuration to choose?
Most commercial firewall products, whether based on hardware or software firewall, are configured to be the most acceptable to the majority of users of the security model. Since each firewall is different, you need to read and understand its accompanying file to determine whether its default settings meet your needs. You can also get extra help from your firewall vendor or ISP (whether it's a technical support or a website). In addition, alerts about the latest viruses and worms (such as Us-cert's computer security Alert) sometimes contain settings that you can perform on your firewall.
Unfortunately, while setting up firewalls properly can prevent some attacks, it does not create false illusions about computer security. Although firewalls provide considerable protection, it does not guarantee that your computer will not be attacked. Especially for viruses that run your computer's infected program files, firewalls can provide little or no protection, such as email-borne viruses. However, using firewalls combined with other protection measures, such as anti-virus software and other secure ways to use your computer, can increase the blocking of attacks.