Firewall Application: Do You Really Need One or Are You Better Off Without One ?

firewall

Do firewall products help? Should you get one?

The Windows is a pretty comprehensive platform when it comes to computer machines.

Unlike Linux and probably Mac as well, most of the functions that a regular user needs already come pre-installed in Windows.

The most widely used operating system from Microsoft comes with quite an effective firewall.

And since it comes in the form of a built-in feature, it doesn’t give users any compatibility issues.

Moreover, most modern internet users now have a pretty secure home network.

The home network adds that much needed extra layer of online protection for everybody on the network.

And that’s not all.

If you are using any reputable security suite, that probably has one of its own firewall feature as well.

All of this should lead us to the question whether or not applications or utilities such as personal firewall are well and truly dead?

So are they?

Let’s find out.

Microsoft introduced the first edition of Windows XP back in the year 2001.

That was about 17 years ago.

And some would say that Windows XP represented the first operating system from Microsoft that had a built-in firewall protection feature.

Before that, people had to install a separate firewall application whenever they installed their shiny news Microsoft Windows.

That is the past though.

Microsoft has kept evolving its firewall feature over the past many years.

And because of that hard work, the Windows Firewall is now an effective enough shield.

It can resist many types of online cyber attacks.

What about third-party firewalls?

Aren’t they better than the Windows default firewall?

Well, that is something we will answer very shortly.

But the first thing we need to understand is that third-party firewalls still have one main feature which Microsoft’s firewall doesn’t give users.

It is, control.

Users have great control over the exact way their applications make use of their network.

And that control is what these third-party applications bring to the table which attracts many users to install them on their computer machines.

Most of the good security suite products out there in the market come with their own firewall components.

That component is usually fleshed out enough so that it can handle and offer a great amount of program control.

With that said, the question still remains:

Does anyone really need a personal firewall in the modern world of the internet?

Before we start to answer this question, we should probably point out one other thing.

There are hardly any users out there on the internet now who use a single computer that they connect to the internet directly.

Most of us usually have another powerful and robust layer of effective defense against all types of cyber attacks.

Yes.

We are talking about the wireless router that you’re using right now.

The wireless router is responsible for doling out working connections to all of the user’s devices.

Moreover, it also protects all of those devices.

Most wireless routers make use of the NAT technology, or Network Address Translation in order to assign an IP address to each of the user’s devices.

But the wireless router doesn’t just assign IP addresses.

It makes sure that it assigns those IP addresses which fall in a range that is most likely to be visible only within the user’s local network.

Of course, that is nowhere enough to ensure that the router would have enough about it to block all kinds of direct cyber attacks.

Therefore, now we also have those routers that come with an additional security layer baked right into them.

Port Protection

The reason that so many people can access and enjoy a virtually limitless collection of informative and entertaining websites along with videos is that we have something called an internet connection.

Very obvious right?

What many readers tend to ignore is the fact that the same internet connection opens their computer machines to some more access.

Access?

What kind of access?

Access by other users who are also using the internet.

But that doesn’t mean users are completely defenseless.

Most of the time routers, if the user is connecting to the internet via them, do limit the damage that cyber attacks can possibly cause.

If we are talking about firewalls then the first thing you should know is that they have one major function.

Or task.

And that task involves the firewall blocking malicious and/or suspect traffic and allowing or permitting all other types of valid network traffic.

The users’ computer machine ports act as the entry points for all those network connections.

Most computer machines allow users to open their ports, close them as well as give them the quality of “stealth”.

What do we mean by stealth here?

firewall_in_the_modern_world

Some people still find the need to use a firewall.

Well, stealth here means that the user can basically hide his/her machine’s ports.

Once the user has stealthed his/her machine port, outsider attackers cannot discover that port.

The port becomes invisible.

This is the ideal situation.

And that’s where we think that the Windows FIrewall has more than enough features to ensure that it hides the user’s ports.

In other words, it is completely capable of providing stealth to the user’s PC ports.

We also know that any port that hides behind a router actually appears stealth.

Perhaps this is also an appropriate time to mention that because of the facts we have mentioned above it isn’t always easy to test firewalls.

Most of the time, testers have to make use of a computer machine that utilizes the given router’s DMZ port in order to connect to the internet.

That basically means that for testers, the computer machine must be connected to the internet via the router’s DMZ port.

And in turn, that ensures the computer machine has a direct connection to the internet.

Depending on the user’s network connection, the majority of the firewalls that are available in the market allow users to have multiple configuration profiles.

That enables users to have different rules for different types of internet traffic.

For example, the user may not need too many restrictions for traffic that movies within the user’s home network.

However, the traffic that movies to and from the internet may require a lot more restrictions.

The worst case is if the user has connected to a public network.

In that case, the firewall has to crank up all of its security levels.

Program Control.

Firewalls didn’t always have the cleanest of user interfaces.

Earlier personal firewalls did a terrible job of making the user feel under control.

They actually gained quite a bit of notoriety for bombarding their users with a ton of popup notifications and queries.

Most of the time, these firewalls would catch a program trying to access a specific IP address through the use of a specific port.

Then these firewall products would ask the user if it should or shouldn’t allow that connection.

Based on the user’s choices, the firewall proceeded to either block or allow the program to access a given port.

Regular users would usually always click Allow or, if they had their brain wired differently, always click Block.

As you can probably imagine, stopping and thinking about what program was trying to access what port would have consumed all of the user’s time.

Hence most just went with what their gut said.

ANd the gut usually said to either say NO or YES, every time.

This would be a smart move except that it isn’t.

Most of the times, users who had made a habit of clicking Block everytime the firewall notified them of a program, eventually ended up disabling a crucial program.

Or something else that the computer deemed important.

Symantec Norton Security Premium and Kaspersky easily got around this problem via their high-end firewall applications.

The built-in firewalls that came with Norton and Kaspersky security products completely internalized program control.

And hence relieved the user of having to make a decision on every program that wanted access to a particular port.

The advanced security firewalls configured permissions, on their own, for programs that were good and known.

For bad programs, these firewalls had strict rules.

And appropriately wiped them out.

For the unknown programs, these firewalls had a monitoring schedule.

The market also offered other types of firewalls that used their own and proprietary techniques in order to cut down the number of popup queries that users had to deal with on a regular basis.

To take an example, the market saw the rise of Check Point ZoneAlarm Free Firewall.

firewall_with_antivirus

Firewalls used to be essential. Now, they are not.

This firewall, which came out in 2017, basically checks for bad programs by referencing a massive online database.

The company calls that database as SmartDefense Advisor.

After that, the ZoneAlarm Check Point application automatically configures and manages permissions for all known applications and programs.

But that doesn’t mean this firewall doesn’t give users any popup queries.

It does.

But rarely.

And when it does, users should pay careful and due attention.

Why?
Because chances are, if the firewall did not find the program in its database, then it might as well be a malware attack.

Security experts call this type of attack as zero-day malware attack.

A lot of the good firewalls take due note of a trusted program when it changes the way it operates.

Of course, trust programs change all the time because of the updates that developers of the program may roll out.

But that isn’t always guaranteed.

The chance may represent a virus infection as well.

Sometimes a malicious program adopts the name of a legitimate program so that it may fool a user or the user’s firewall.

Good firewalls keep a lookout for that as well.

But malware infection attempts aren’t always so obvious.

Or prominent.

Hackers use many sneakier approaches as well.

Sometimes they try to connect to the internet by masquerading a legitimate and trusted application or program.

Other times, hackers manipulate a trusted program to connect to the internet.

That is why firewall testers sometimes make use of specific utilities that they call leak tests.

These tests check whether the user’s firewall application has the capability to detect such kind of sneaky techniques.

With that said, they are not necessary now.

Why?
Because modern Windows versions are strong.

They have actually made life extremely tough for malicious techniques like the ones we have mentioned above.

And hence, the usefulness of leak tests has decreased steadily in the past couple of years.

Firewall And Beyond

Kaspersky Internet Security and Norton do offer high-end firewalls that offer some additional protection against all types of network-based cyber attacks.

Most of the time, those protections come in the form of HIPS.

Or Host Intrusion Prevention System.

There are also other features such as IDS.

Or Intrusion Detection System.

Some high-end firewalls use both systems in order to further strengthen the user’s machine against potential malicious attacks.

These features protect users against a lot of things that can hurt someone unprotected.

Among many other situations, the components we have just mentions serve to protect users against those cyber attacks that make use of, or rather exploit, security vulnerabilities.

These security vulnerabilities are usually present in the operating system itself.

Sometimes, these security vulnerabilities also exist in popular programs that have millions of users worldwide.

Security researchers can take a bit of time in discovering a particular vulnerability.

Then it takes even more time for vendors to patch up that vulnerability and thus the security hole.

In that time, hackers till have the opportunity to take advantage of these vulnerabilities and launch cyber attacks which allows them to gain a significant amount of control over their victim’s computer systems.

So what separates the good IDS and HIPS systems from the average ones?

online_firewall

If you have signed up for a good antivirus product then you are all set to go.

Well, our research shows that the best IDS and HIPS systems are able to catch security exploits and resulting attacks at the network level.

That is, they handle these attacks even before they manage to reach their target computer system.

And then you other other effective security suite components.

These include your everyday antivirus software applications.

Antivirus software applications can eliminate malicious payloads that an exploit attack can drop.

Hence, antivirus products stop these attacks before they have a chance of generating any type of harm to the target machine.

Most testers on the web make use of the CORE Impact tool.

It is basically a penetration tool.

The Core Impact tool is a great tool for testers who want to get a feel for any and all of the firewall application’s responses.

A firewall has to respond at appropriate times and pace in order to manage exploit attacks.

So Who Really Needs A Firewall Application?

The modern world of the internet where you have Windows 10 and Google Chrome, we don’t think there is a reason for the majority of the online users to consider installing a separate and standalone personal firewall product.

As mentioned before as well, the Windows Firewall component that comes as a built-in feature does manage to take care of half the job.

So what about the other half then?

Well, most users can take care of the other half with a reputable security suite.

As indicated earlier, security suites also come with firewall components.

The era where we routinely saw computer hobbyists lovingly and carefully selecting each component of their security separately is well and truly gone.

Of course, that doesn’t mean there aren’t any situations where you would want to use a personal firewall.

There are many specific situations in which a user could have the need to install a personal firewall.

Or perhaps a user wants to have the absolute minimum level of security.

Users who want a standalone firewall product for protection don’t have many choices though.
What we mean by that is, the number of available security products that offer only a firewall solution has dwindled over the past many years.

Moreover, you also have to consider the fact that you don’t really have to go out in the market and spend money for a personal firewall.

Here at Security Gladiators, ZoneAlarm Free Firewall 2013 edition has enough about it to retain its position as the best free personal firewall that one could get for protecting his/her machine.

You can then pair that personal firewall with a top rated free antivirus product.

Or you can just install the one that comes with the firewall as a built-in antivirus component.

If you do that, you have successfully managed to install a security system on your machine.

Though it is barebones.

 

Zohair

Zohair

Zohair is currently a content crafter at Security Gladiators and has been involved in the technology industry for more than a decade. He is an engineer by training and, naturally, likes to help people solve their tech related problems. When he is not writing, he can usually be found practicing his free-kicks in the ground beside his house.
Zohair

COMMENTS

WORDPRESS: 0