A detailed explanation about firewalls
What is a Firewall?
The simplest way to describe the firewall is to liken it to the prison guard at the prison entrance.
The duty of the warden is as follows:
- Controls who enters and exits the building based on certain rules.
- Prohibits entry or exit to specific persons
- If he or she does not know about the entry or exit rights for a particular person, he/she consults his superiors on how to do so.
A firewall is a program, device, or set of devices that does exactly this job for our computer: it controls communication, downloading, or sending data from specific programs over a network.
Some programs have free access to send and receive data on the network (such as the browser, e-mail program, or the service for operating system updates).
Other programs, such as recognized malware, have denied access - for these programs, it's basically like there's no network.
Finally, because no firewall has rules for the millions of programs on the market, most "home" firewalls ask the user when a new, unknown program first tries to access the network. In this question, there is almost always the option for the firewall to remember the rule (yes or no that the user will answer) and not to ask again.
The firewall designation came from the special walls, which were designed to contain a fire in the event of an event and not allow it to spread to the rest of the building. Later, firewalls were named metal plates on cars and planes, the purpose of which was to separate the passenger space from the engine.
Types of firewall
Firewalls are divided into software and hardware.
Software firewalls are programs that are installed on the computer, in the same way, that we install an antivirus to protect against viruses.
Advantages of a software firewall
- It's cheaper than hardware firewalls
- It is easier to set up and use
- One can install a software firewall on a laptop that will use anywhere
Disadvantages of a software firewall
- Protect only the computer on which they are installed, and multiple licenses are needed for multiple computers
- Consume power from processor and system memory
- They have fewer options in their settings than hardware firewalls.
Hardware firewalls are devices that interfere with the computer or network and the Internet. Some better quality routers have built-in a hardware firewall.
Advantages of a hardware firewall
- A hardware firewall can protect an entire computer network
- They have their own processor and memory, so they do not burden the computer's resources at all
- Hardware firewalls cannot be disabled by malware, as can be the case with software firewalls
- Protect the system in whatever state the operating system is in - even if it is just installed
- Some advanced Hardware firewalls include antivirus-antispyware protection
Disadvantages of a hardware firewall
- A hardware firewall costs clearly more than a license for a software firewall
- Setting up hardware firewalls is more difficult, and is aimed at more advanced users
- A hardware firewall is a machine that needs to be installed at a specific point and have access to power and the network.
- If a program is blocked by the firewall, a message does not automatically appear on the user's computer, it should manually enter the firewall administrative system and allow it to function.
- If a hardware firewall that protects an entire network of computers fails, all computers remain unprotected.
- While there are some open-source or freeware firewall programs, which are legally free, there is no corresponding solution for the hardware firewall.
In the vast majority of cases, software firewalls are aimed at home users and hardware firewalls are aimed at businesses or large organizations with computer networks (schools, universities, public services, etc.).
As this article has an introductory tone of voice and is addressed to users who are not familiar with the technology, from now on whenever we mention the firewall we mean the software firewall.
Why do I need a firewall on my computer?
There are many reasons to want to know which programs on our computer are communicating with the network.
- There are programs called keyloggers which, if they have compromised our system, record everything we write on the keyboard (possibly including passwords and credit card numbers) and send them automatically to a server.
- There are also remote administration programs that allow someone to see everything we see on our screen and additionally take full control of our computer, even the keyboard, mouse, and power button.
- It has made its appearance at least one virus that infects machines that do not have a firewall, just because it finds them unprotected.
In general, not having a Firewall on the computer is like sleeping in a detached house with windows wide open. It used to be relatively safe, but these days it's rather risky. It may not happen, but there's no reason to risk it. And, of course, as in the case of Windows, there is always the possibility of some malware disabling or bypassing our firewall.
Therefore, we should be careful anyway in what kind of programs we download and run on our computer - especially if we visit suspicious sites.
If it is so necessary, why does my computer not already have a firewall?
Actually, it does. All Windows Vista, Windows 7, and Windows 10 based computers have Windows Firewall built-in, which is by default enabled.
Of course, there are several who question its effectiveness...
If you want a firewall that is more flexible and has more features, you need to choose a third-party firewall, free or paid for.
Note that if you install a firewall, it is a good thing to turn off the Windows firewall, not to run both at the same time. To do this, in Windows 7, go to Control Panel -> System and Security and select the windows firewall.
Then you'll find the option to turn it off on the left.
If I have antivirus, why have a firewall?
Unfortunately, antivirus is only useful for malware that is recognized as a threat. If a virus that intercepts credit card details, for example, is very new, and the way it is manufactured does not resemble a virus already known, Antivirus will not recognize it as a virus.
Until Antivirus downloads the latest security updates from its company, it will let the virus act undisturbed on our system.
The firewall, however, is suspicious. If any new program tries to gain access to the internet - in our example, if the virus tries to send our credit card details to an external server - the firewall will immediately ask if we want to let that program communicate over a network. By answering "No" to this question, our card details remain secure.
So, with a firewall, I am completely safe, even if I do not have an antivirus?
Antivirus and firewall are two completely different products that serve different purposes. For example, if our system is infected with a virus that destroys word files, the firewall will not detect or stop it, as it does not attempt to contact the network.
If my antivirus is Internet Security, do I need a firewall?
Most antivirus companies have products that identify them as Internet Security, which include antivirus and firewall in the same suite of applications. In this case, then, you do not need a separate firewall, as an internet security product already works.
So if I have antivirus and firewall or Internet Security, I'm completely safe, right?
Subject to conditions. For Antivirus, it must be constantly updated with the latest security files to recognize all newer viruses.
Regarding the firewall, you should be very careful when asking you to give permission for a program to access the network.
If you press "Yes" where you shouldn't, you'll let a malicious program communicate - so it's like you don't have a firewall for that particular problem.
Instead, if you press No to a question about a legitimate program, you'll block it from the network and it won't work properly. For example, if it is the update program for your printer drivers, the program will not be able to communicate with the internet and download the latest version.
Essentially, all responsibility for the operation of the firewall, in a home environment, falls more or less on the user.
How am I supposed to be sure if I have to press Yes or No?
Most firewalls, when they ask permission for a program, have some details option which also shows the path of the program file.
For example, if the firewall asks about the C:\programfiles\HewlettPackard\HPupdat.exe, and recently you or a technician had installed the drivers for a Hewlett Packard device on your system, then 90% of that file is safe to access the internet.
On the contrary, if you do nothing, a screen appears that says that the file c:\Windows\Temp\23kjgskjg.js wants to access the network, logic says it is something malicious, you must deny it access and make sure to delete it from your system as well.
The third case is to open a file that you believe is an image file or mp3 song and the firewall to detect that the program is requesting access to the internet. In this case, the image file or song you attempted to run is a camouflaged executable file, with notoriously malicious code, so you still need to deny access and erase it as soon as possible from the system.
For better or worse, in the case of home firewalls security largely depends on the user's judgment. Users who uncritically press "yes" or "no" on what the firewall shows them are like young children, who can open the door to anyone or, on the contrary, not open the door to their mother who forgot her keys.