| What is personal firewall? | | | | almost all personal firewalls. On the other hand is the |
| Personal firewalls are the desktop security products | | | | outbound protection which cause problems to all |
| which are commonly designed to enhance the security | | | | vendors nowadays. The outbound protection means |
| of the operating system by implementing | | | | that only applications that are allowed to can access |
| per-application security. Some operating systems | | | | the Internet or local area network. This is not as simple |
| (including modern Windows systems) implements | | | | as it looks. Imagine the situation that you want to |
| per-user security. Such a security conception is not | | | | browse the Internet with your Internet browser and |
| always sufficient or effective especially when we talk | | | | that you do not want other applications to do so. The |
| about common users workstations. | | | | problem here is that it is not enough only to check |
| | | | which application wants to send the packet to the |
| Threats versus antivirus, antispyware and similar | | | | Internet because modern operating systems allows |
| applications | | | | programs to communicate. An application that is not |
| Today's Internet is a full of spyware, worms and other | | | | allowed to access the Internet can start the browser |
| malware. People looking for valid information can meet | | | | and use it for the communication. Your personal |
| these threats easily. People often download new | | | | firewall has to protect all those privileged applications |
| programs just to try if they are useful. It is almost | | | | against misusing by malware. It has to restrict the |
| impossible for common user to differentiate between | | | | access them. But this is still not enough. The personal |
| malicious programs or programs that include spyware | | | | firewall has to protect itself. Malicious applications |
| and harmless programs before they run them. | | | | should not be able to switch it off or modify its rules. |
| Nowadays, many Internet users know that they should | | | | This means that it also has to protect system |
| not execute every program in a mail attachment but | | | | resources etc. There are many problems in this and |
| rules for execution of user downloaded programs are | | | | we still talk only about one feature - the outbound |
| still underestimated. This is where antivirus, antispyware | | | | protection. The personal firewall should also restrict |
| and similar applications comes. But can they sufficiently | | | | spying on your computer and stealing your data. Also |
| protect people against mentioned threats? The main | | | | the possibility of deleting or replacing important system |
| problem of antivirus and antispyware software is that | | | | files, killing system processes should be restricted |
| they rely on signatures. They need to be updated | | | | because these activity can be used to bypass the |
| frequently to be able to recognize a new malware. If | | | | protection. What you should ask from your personal |
| there is no signature for the new malware in their | | | | firewall is a comprehensive protection against malicious |
| database they are not able to fight it. Yes, there | | | | activity. In this context we often talk about |
| usually are some heuristics implemented in engines of | | | | sandbox.There exist special software products we |
| antivirus software but these methods can only | | | | also call personal firewalls which offer neither inbound |
| recognize smaller modifications of well known | | | | nor outbound protection. These applications implement |
| malware programs. The response time of security | | | | the sandbox only. They can be usually installed |
| vendors differs and it usually depends on the severity | | | | together with some firewall or personal firewall |
| of the new threat and its wildness. It takes from a few | | | | software to tighten the system security and to |
| hours to several months before a signature is available. | | | | minimize the possibility of malicious activity. When we |
| Simply said having antivirus and antispyware software | | | | analyse this kind of software we do not consider the |
| installed will not protect you against the latest threats | | | | missing protection of inbound and outbound protection |
| but they can raise the security of your | | | | as security flaws. |
| system.Purpose of personal firewall | | | | |
| In general the main purpose of personal firewall is to | | | | Poor reviews |
| tighten the computer security, to set up restrictions to | | | | Another big problem are product reviews that are |
| limit possible malicious activity but not to limit the user. | | | | available on the Internet. The vast majority of these |
| Imagine common home workstation. There are many | | | | reviews were written by users or at most advanced |
| applications like text editor, Internet browser, file | | | | users. This is not a bad thing in general. It is good to |
| manager, computer games, media player etc. By | | | | have information about the product from the common |
| default, without personal firewall installed, all these | | | | user point of view. But this information is not enough, |
| applications can do everything as the user who runs | | | | not if we talk about security products. You should ask |
| them. But why should be the text editor | | | | for reviews made by security experts. Those |
| allowed to access the Internet? Why should be the | | | | advanced users do not implement their own programs |
| Internet browser allowed to change system files? Is it | | | | to try to bypass the security of a reviewed product. |
| not a possible danger to allow games to delete | | | | Unless these people understand how personal firewalls |
| documents or control system services? Why should | | | | work on the lowest level they are not skilled enough to |
| be the media player allowed to install kernel drivers? | | | | judge the security level of these products. Usually |
| No, there is no need to allow such actions. | | | | people who write reviews on security products use |
| The purpose of a personal firewall is to set up rules | | | | only well known third party tools to test the security. |
| that limit applications to perform actions they should not | | | | Every personal firewall vendor can then implement a |
| be able to do and to allow actions that are expected | | | | simple protection against these well known tools. |
| from them. This is something what antivirus or | | | | Different methods has to be used to test security |
| antispyware do not. However, it is the fashion | | | | software. The design of the testing product must be |
| nowadays that antivirus products include also the | | | | understood by the analyst. A good analysis can take |
| antispyware features as well as personal firewall | | | | weeks of work. Exact methodology must be set. Just |
| features. Such a product is usually called security suite | | | | look at any personal firewall review on the Internet. Do |
| rather than antivirus. | | | | you see any description of their methodology? Do |
| Good and bad products | | | | they talk about the security and bugs? Did they find |
| Many applications are called personal firewalls but | | | | any bugs? And now, how can you recognize which |
| how to recognize good products from others? For | | | | product is the best? Best from the security point of |
| common user it is very hard to decide. All vendors | | | | view. |
| claims that their product is the best and offer | | | | Non-Windows systems and personal firewalls |
| something unique and extraordinary. We think that as | | | | On non-Windows systems this kind of software |
| personal firewalls are security software the main | | | | exists but it is not called personal firewall. On Unix |
| criterion should be the level of security. Forget all those | | | | based systems the security concepts are different in |
| bells and whistles in security software. If you want | | | | many ways but also lots of things are similar. The |
| Ad-blocking you do not need personal firewall because | | | | important similarity is the per-user security. However, |
| your browser can do it. There are plugins for the most | | | | there are different habits of users of non-Windows |
| popular browser that can block ads, popups etc. | | | | systems. They usually do not use root (Administrator |
| Today's personal firewalls contain many similar | | | | equivalent) account for daily work and it is a very |
| features that have nothing to do with the security. Just | | | | common thing there to create a new user for a small |
| go to your favourite personal firewall vendor's website | | | | group of programs or even for a single application to |
| and read all the features of their products. | | | | restrict its access. Nevertheless, sometimes it is |
| A good personal firewall offers both inbound and | | | | efficient to use per-application security. Read more |
| outbound protection. The inbound protection means | | | | about Jail.For more about personal firewalls and |
| that packets sent from the Internet or local area | | | | security software research please visit Matousec - |
| network to your computer are filtered and only ports | | | | Transparent security. |
| that you want to be open are accessible. This | | | | Original article can be found on our website. |
| protection is standard and is very good and reliable in | | | | |