| If you spend a lot of time on the internet and you are | | | | They have the following disadvantages: |
| not behind afirewall, then you are living on borrowed | | | | - They tend to be expensive, although if you have a |
| time. Putting some protectionbetween you and the | | | | number of machines toprotect it can cost less to |
| internet is probably the third most important thing | | | | purchase one hardware firewall than a number |
| thatyou can do (after getting virus checking software | | | | ofcopies of a software product. |
| and performing regularbackups). | | | | - Since they do not run on your computer, they can be |
| The diagram to the left shows an unprotected system | | | | challenging toconfigure. |
| using a DSL modem. Asyou can see, someone on the | | | | Firewall mixture - In my mind, the best protection is a |
| internet can attach the computer system easilyas the | | | | combination of bothhardware and software firewalls. |
| DSL modem provides no protection (some DSL | | | | This is the ideal, since both havedifferent advantages |
| modems have built-infirewalls). An attacker can get | | | | and disadvantages. Personally, I use a |
| through any type of modem - DSL, cable, 56K, | | | | SonicWallhardware firewall combined with ZoneAlarm |
| 28.8 or whatever. If the device gets you on the | | | | Pro, which is installed on my |
| internet, you arevulnerable. | | | | Windows 2000 Professional system. The SonicWall |
| For those with a DSL, cable modem or other | | | | protects my home networksince it sits between the |
| "always-on" connection, you MUSTget a firewall. This | | | | hub and the DSL modem, and ZoneAlarm Pro |
| is critical, as your machine is always live and it | | | | offerssome additional protection for each system. |
| mostlikely has a fixed IP address. This makes it easier | | | | Testing Your Firewall - To test your firewall, surf to |
| for your system to be | | | | request a probe. You will be given a very good report |
| "found" and attacked. | | | | of exactly whatissues were found and what to do |
| What a personal firewall does is isolate your computer | | | | about them. Once the probe is finishedseveral |
| from the rest of theinternet. It does this by inspecting | | | | excellent personal firewall products are recommended. |
| each packet of data to determine if itit should be | | | | My personalfavorite is ZoneAlarm Pro, primarily |
| allowed to get to (and in some cases from your | | | | because it's protection is excellentand it is trivial to use. |
| machine.) Thebest protection completely hides your | | | | Some Firewalls - A selection of personal firewalls is |
| computer - this is called stealthmode. | | | | listed below. |
| You have the option of installing a software firewall or | | | | - ZoneAlarm Pro - By far the best software firewall |
| a hardwarefirewall. | | | | available. ZoneAlarmoffers protection from both |
| Software Firewall - A software firewall runs on your | | | | incoming connections and outgoing connections. |
| computer system in thebackground. It intercepts each | | | | It is also extremely easy to configure, has low system |
| network request and determines if the requestis valid | | | | impact and is veryinexpensive (a free version is also |
| or not. Software firewalls offer the following | | | | available). |
| advantages: | | | | - Norton Internet Security 2001 (which was the |
| - They are generally very inexpensive | | | | AtGuard product from WRQuntil a few months ago). |
| - They are very easy to configure | | | | Norton is a reasonable firewall, although it doeshave |
| They have the following disadvantages: | | | | some vulnerabilities. It offers weak protection from |
| - Since they run on your computer they require | | | | outgoingconnections and is somewhat difficult to |
| resources (CPU, memory anddisk space) from your | | | | configure if you want it to operatedifferently from the |
| system. | | | | default. |
| - They can introduce incompatibilities into your | | | | - BlackIce - A good choice in firewalls. Much easier |
| operating system. | | | | than Norton toconfigure, but with the same |
| - You must install exactly the correct version for your | | | | vulnerabilities. |
| operating system. | | | | What I've done on my system is: |
| - You must purchase one copy for each system on | | | | - Used a SonicWall hardware firewall to protect my |
| your home network. | | | | entire home network. |
| Hardware Firewall - A hardware firewall is generally a | | | | - Installed ZoneAlarm Pro on ach system to provide |
| small box which sitsbetween your computer and your | | | | additional safety |
| modem. In general, hardware firewalls havethe | | | | - And installed Norton Internet Security for it's privacy |
| following advantages: | | | | protection. |
| - They tend to provide more complete protection than | | | | Due to the rapidly changing nature of the internet, it's |
| software firewalls | | | | very important tobe continually monitoring security |
| - A hardware firewall can protect more than one | | | | issues. You may purchase the perfectpersonal firewall |
| system at a time | | | | today, only to find out in six months that it's |
| - They do not effect system performance since they | | | | beenhacked to pieces. So be sure to be looking |
| do not run on yoursystem. | | | | around, and be ready to get anewer and better |
| - They are independent of your operating system and | | | | product quickly. This is not one of those issues where |
| applications. | | | | youcan scrimp and save. Your system is at risk. |