- Internet & the Web»
- Viruses, Spyware & Internet Security
Firewalls and Routers: How to Choose The Right Ones
What a firewall protects you against
As we mentioned above, a firewall is essentially a network traffic filter. It’s main focus is incoming traffic. The firewall tries to make sure you get what you ordered? and nothing else. If you request a website through your browser, or your email program checks for new mail, you want to get clean answers. No unwanted code should be attached to the incoming traffic. The firewall analyzes traffic packets by looking at their technical characteristics and seeing if anything seems abnormal there.
Most firewalls also allow you to set rules for incoming traffic. You can decide which applications can access the internet, which website can be visited, which keywords searched for. This way, you can make sure you are never served unwanted content.
Finally, a firewall also protects your system against DDos attacks, Ping of Death and other attempts to kill it off. It does so by blocking massive malicious traffic or shutting down before your system gets fried.
Hardware vs software firewalls
You might be aware that a firewall can be software or hardware. People often ask which is better, but in fact you are best off using both. Software firewalls are useful as an extra layer of protection, but are insufficient if you are serious about network security. You need a hardware firewall as well.
Software firewalls are generally user-friendly programs that are easy to install and switch on. They need to be installed on each computer in your home network. If you only have one or two computers, that’s not a big problem.
Software firewalls have some disadvantages and limitations. Firstly, like antivirus programs, they put a burden on your system. They could slow it down. Secondly, they fail to support a general rule in network security, namely that a threat should be kept as far away from its target as possible. A software firewall provides no distance to the target: it is installed right onto it!
Today’s hardware firewalls usually perform what is known as Stateful Packet Inspection (SPI). This means that they look at the header or “envelope” of each data packet and decide if it is ok to go. “Stateful” means that the firewall has some understanding of how the packets belong together to form a request or process. It knows what those should look like and checks if the traffic seems normal.
In addition, some firewalls are capable of doing Deep Packet Inspection (DPI). This means that they open the envelope and look at the content of the data packet. This gives them a lot more to work with, but also a lot more work to do. The distinction between antivirus software and firewall becomes blurred in this case.
Firewall developers tend to give the firewall’s functions fancy names, like intrusion prevention and intrusion detection system, or botnet protection. Some firewalls need regular contact with the manufacturer’s databases to get the latest threat information and adjust settings accordingly.
The difference between a router, modem and firewall
Most internet providers send you one box that has a modem, router and a firewall inside. It’s important to have a basic understanding of the differences between these three devices though.
A modem connects your system to the internet at the most basic level. It translates analog waves into digital data and vice versa.
A router puts in place an essential zip code or address system, that allows your internal network to exchange data with the internet. In fact, having a router is already a basic security measure, if it uses the Network Address Translation (NAT) method. This means that the individual machines in your home network are no longer visible to outsiders. Instead, the router provides one, different IP-address to the world, behind which your home network is hidden. This makes it more difficult for wannabe intruders to find an individual machine in your home network.
Some router-firewalls can act as proxy servers. This means that extra software has been installed that acts as a server. This can do caching (storing copies of web pages so that you can access them more quickly), but a proxy can also make your traffic seem to come from another place.
Choosing the right firewalls for your home office
As for your software firewall: you probably already own one. Windows from XP SP2 and OS X from v10.5.1 have a software firewall built-in. You just need to switch it on and check its settings. Experts generally consider these firewalls to be good enough, if used as an extra layer of protection.
On the other hand, you could decide to diversify. Buy or download a software firewall from another developer. These firewalls often come in combination with antivirus software. Refer to the tips we gave for antivirus software before selecting one.
With hardware firewalls, you will notice huge price differences. You can get one for free from your internet service provider or spend thousands. A free or cheap firewall can be safe enough, if you:
• work with only one or two persons
• don’t need any hard work done by the firewall, such as deep packet inspection
• don’t care too much about logs and setting choices
More expensive firewalls typically have more powerful hardware, that allows huge workloads to be processed fast. A cheap firewall can become a bottleneck in your system if you ask it to do too many checks on too much traffic. The technical terms to look for in this respect are throughput and latency.
How much you need to spend on a hardware firewall is a matter of faith, in a way. Some people build their own firewall by running free or cheap software on an old computer. They argue that it is nonsense to pay big money. On the other hand, there are mega companies like Cisco who offer expensive hardware and software subscriptions. In addition you need paid expert advice to make sense of all the options and settings. They do have some affordable small business products. If you are not interested in learning about the technology and keeping up with developments, we would suggest you go for a firewall that costs no more than $300 and does not require expensive software subscriptions.
Settings and updates are all that counts
All this being said, there is some discouraging news: even the best security hardware and software is useless if you don’t set it correctly. Carrying out software updates as soon as they become available is essential as well.
Once you have decided which antivirus and firewall products are right for you, you need to think of how you are going to manage them. At the very least you should set the products to update automatically and give them the recommended settings. At best, you should know how to set them. Taking expert advice here could be a good idea. It will cost you some money, but you’ll save a lot of time and reduce your risk of missing a crucial setting.
Firewalls and Network Security by Dr. Daniel Soper
Antivirus and Firewall
Whether you are self-employed or regularly work from home for your employer, you are likely to be working with personal or otherwise confidential data.
If your employer has a IT-department and they tell you what to do, you are lucky. If not, or if you are self-employed, it is critical to learn about this and get the right measures and processes in place.
You probably know that you need an antivirus program and firewall. But do you really know how to pick the right one? There are so many products out there, all making security claims and bombarding you with technical terms.
This article explains what antivirus software (part I) and a firewall (part II) do for you and how you can choose the right ones.
The difference between an antivirus program and a firewall
First of all, you might ask: “What’s the difference between antivirus and firewall protection? Do I really need both?”. The answer is “Yes, you do“. Essentially, an antivirus program is software that tries to find malicious code installed or about to be installed on your system. It then tries to quarantine and remove it.
A firewall on the other hand is either hardware or software that monitors traffic. It examines the connections that your computer or home network has with the outside world (the internet) and analyzes all data packets being exchanged. It makes decisions on which traffic can be allowed to pass and which should be blocked.
The confusing thing here is that many security products combine antivirus and firewall functionality. That’s why it’s important to know the essential differences and understand what these products are actually doing.
What an antivirus program protects you against
Antivirus software protects you from all sorts of malware. Viruses were just the first type of malware that appeared in the nineteen eighties, hence the name. Today, you will also encounter key loggers, worms, browser hijackers, rootkits, trojans, ransomware and many other unwanted guests. Learning what all of these terms mean is one option, but you could also leave that to the experts, in this case the developers of your antivirus software.
It’s more useful to understand the goal that all malware has in common. Essentially, the bad guys are interested in using your system and your data for their own business. There is a worldwide, multi-billion dollar industry out there, based on hijacked computers and stolen data. There is also a black hat marketing industry that wants to sell you stuff by harassing you, tricking you or invading your privacy.
Through malware, your computer can be recruited to serve in a botnet, a network of otherwise innocent computers that are controlled by criminals and used for things like sending spam mails and attacking websites. The data on your computer, be it your own, your clients’ or your employer’s, is worth gold as well: it can be used to provide criminals with a fake identity, or simply for stealing money from credit cards and bank accounts. Competitors could contact your clients and lure them away.
Malware developers will think of any available option to get their code into people’s systems: they will try and manipulate browsers, hardware drivers, operating systems or any other software installed on your computer. They try and make you install their code by offering fake websites, phishing emails and “free” software. They set up scams to make you believe you need their product (such as fake antivirus software!).
Choosing your antivirus software
Finding the right antivirus program is a challenge. On the internet, you have to watch out for sponsored (i.e. fake) reviews, and even scams. Here are some tips to help you out.
- Avoid fake, bogus software. Read reviews in reputable magazines and websites only. See where the companies are located, if they have an address, names and faces. Read about the company history in Wikipedia and find some published interviews with the owners.
- Avoid software that will slow down your system. The best bet here is to go for cloud-based solutions.
- Get good quality. This is very difficult to judge if you are not a specialist, but you can read the developers’ blog on malware . Do they explain clearly what their product does, and do they have recent posts about quick responses to new threats? This should give you some impression of how good they are. You could also look up a recent new threat published by an authority website and compare how the software developers responded (if at all).
- You need support. Antivirus software tends to ask you questions. It finds potential malware and asks you what to do with it. Support from the software developer could be helpful in such cases. Find out what their support policy is. Ask them a question and see how they respond.
- Rootkits require special attention. Check how the antivirus program deals with this. Consider running a special rootkit removal tool from time to time.
Best Ways to Protect Against Computer Viruses by ThioJoeTech
How antivirus software works
Scared? You should be. Antivirus programs face a daunting task. The goal keeps moving and has countless faces. Most antivirus programs do signature-based detection. This means that the company has already found it, analyzed it and added it to the program’s knowledge database. Your security depends on the fanaticism and cleverness of the software developers in finding and analyzing any kind of malware out there – as soon as it appears.
Some antivirus software uses new and extremely thorough techniques like sandbox detection and machine learning. Sandbox detection means that suspicious code is taken into a safe environment and executed there, to see what it does. Machine learning attempts to make the computer understand and predict code in an more intelligent way than just by comparing signatures.
Doing all this takes a lot of processing capacity. Antivirus developers try to limit the burden on the user’s system by doing some of the work in the cloud, that is on their own computers. Another issue that antivirus software faces are rootkits. Rootkits are malware that sits in a deeper layer of the system than the antivirus software. This gives it more power and the ability to trick the antivirus software into thinking that everything is ok.