Go to the home page
Search our site for information
Forum to answer computer related or anything problem
Unique Tips and Tweaks
Windows Computer tutorials
About the Master of the Painfully Obvious
Links to external related sites
Archive of Previous Updates

Conumer Buyer Guide The different types of Firewalls - What is

Firewall - Understanding the Risk


Understanding the Risk

Norton Personal Firewall Bringing in data to your system via the Internet can open a portal to hackers and other security risks. Even accessing standard information like a movie listing or phone number via the Internet can create a window of opportunity through which a hacker can enter.

When Are You At Risk?

The risk is even greater if you run a high-speed, "always-on" Internet connection, but the need for protection is the same regardless of the type of connection you have. While a high-speed connection is definitely more attractive to a hacker, dial-up connections are still vulnerable to attack. All Internet providers are assigned a range of Internet addresses. When you connect to the Internet, one of those addresses gets assigned to your computer. Anyone who knows the range for a particular provider can scan that range looking for open connections. If you are not protected, they will find your address regardless of whether it is high-speed or dial-up.

Telecommuting, or connecting to your office network through the Internet from your home or mobile computer can place the security of both your home and office network at risk. A skilled hacker can "ride" along an unsecured Internet connection to gain access to your home or dial-up office network.

Once connected, they have access to any information on the network and have the potential to do untold damage. The extent of the risk is limited only by the imagination of the hacker.

Types of Risks::

Corporate networks are an obvious target for hackers, but the appeal of private home systems should not be underestimated.

Access to information on personal computing systems is also a valuable target as it includes banking information, passwords, personal documents and more.

Hackers can use your Internet connection to install a program called a Trojan Horse that has the ability to scan everything you type and send it all back to them. This could include any passwords or other sensitive information you might have.

Even when there is nothing of value on a computer, it still requires protection. Skilled hackers can use an unprotected system to hack into other computers. An important element of success to a hacker is that he or she is not traced and apprehended. Working through unprotected system allows a hacker to commit their crimes anonymously and ensure that the only trail of their crimes leads to your computer system.

What Can You Do About It?

A personal desktop firewall is the answer. Just like the familiar corporate firewalls, a desktop firewall controls what data enters and leaves your system.

How A Firewall Works::

A firewall acts like a gate with a security guard positioned between your computer and the Internet. Depending on your instructions to the security guard, it won't let any unauthorized data through the gate to your computer, and monitors what leaves it. Unauthorized intruders at the gate are turned away, and anything leaving is inspected first. In addition, a good desktop firewall works in concert with virus protection and your VPN (Virtual Private Network), should you have one installed.

Types of Firewalls::

There are a number of different types of firewall, including software firewalls, routers, and hardware firewalls.

A software firewall:: is a program that runs on your computer and monitors everything being sent and received through your internet connection. One advantage to a software firewall, that not all hardware firewalls offer, is it can monitor outgoing information as well as incoming. This is particularly effective against the potential security risks of "spyware" or "Trojan horses" programs, which can send information out to the internet from your computer. A sotware firewall guards against this type of risk which usually works in the background undetected and prevents the information from being released.

A hardware firewall:: is strictly dedicated to protecting you from hackers and includes a physical disconnect function. This allows you to actually completely disconnect your computer from the Internet. In some cases the hardware firewall will automatically disconnect you if your Internet connection has not been in use for a certain period of time. Reconnection is simple and easy, and this firewall provides the obvious advantage of limiting exposure through total disconnection.

A router is a type of hardware firewall. They are typically designed to share a high-speed internet connection between multiple computers. The router acts like a roadblock between the Internet and your computer, thereby providing firewall protection. If somebody is scanning for open connections, they will not be able to see your computer.

Selecting a Firewall::

Essentially, a firewall provides a set of filters that either block or allows connections and data transmission between your computer and the Internet. Residing on your computer, the firewall's filters automatically prevent any unrecognized user from accessing your system or any corporate network to which you are connected while you are on the Internet.


A good desktop firewall will allow you to give specific instructions to the security guard at the gate. This feature permits special authorizations to take place. This is important if you use programs that communicate with other computers, such as instant messaging or multiplayer games. A firewall would normally block these types of connections, but if you plan to allow them, you need to be able to tell the firewall to do so.

Virtual Private Network (VPN)::

A firewall provides protection to your actual computer or the computers hosting a corporate network. It is designed around the hardware. A VPN, on the other hand, protects the connection itself between your computer and that of the corporation.

It is essentially a "tunnel" or private path through the Internet that connects your computer to your corporate network. This connection is encrypted so nobody except the two ends of the connection can view the data going back and forth.

If you are using a VPN connection, you need to make sure the firewall you choose is going to be compatible.

If you are looking at a software firewall, you need to ensure that it will support an encrypted VPN connection.

If you are looking at a hardware firewall, look for one that specifically supports a VPN connection.

If you are planning to use a router as your firewall, you will most likely encounter two versions of a given model - one of which will specifically be called a "firewall" or "VPN" router. This is the version that supports a VPN connection.

Hardware or Software::

There are conflicting opinions on which type of firewall is better, hardware or software. They both have advantages, so making the right selection requires matching their features to your individual needs.


Desktop firewall software runs on an individual computer, so if you only have a single computer this may be the most cost-effective way to go. If you have more than one computer that you want to protect, you will need to buy a copy for each of them.

If you are using dial-up internet, the choice is a little easier. Most of the hardware firewalls only have connections for high-speed services, so with dial-up you will likely have to run a software firewall.

Another advantage of software firewalls is they can protect your network against internal attacks.

A hardware firewall sits between your network and the Internet, but doesn't protect the computers on your network from one another. Software firewalls run on each computer, so they are protecting them from each other as well as the Internet.

They will protect against the possibility of a disgruntled employee hacking into confidential company information and distributing it either internally or externally.


If you are protecting multiple computers, a hardware firewall may be more cost-effective.

With a hardware firewall, a router in particular, you can share your high-speed Internet connection with multiple computers. This can provide multiple benefits from a single device.

For overall protection a user should run both software and a hardware firewall. Keep Safe !

<----Back to the Home page

Discuss this in the Forum ---->

Have a problem or question that is not listed on our site let us know and we will add it--We enjoy to hear from our visitors!


© 2003-2005 Grade Computers