A firewall is a blockade that prevents hackers from accessing your computer. There are multiple flavors of firewalls, and this article will help you understand the world of the firewalls a little more.
Hardware (physical) Firewall
There is a firewall built-in to your router, or sometimes inside the cable-modem (for example: U-verse). These are hard-coded firewalls that protect you from hackers trying to get inside your network. They are the most secure variation of protection, because if a hacker is being blocked from your network, there’s no way they will be able to even get to your computer.
Unlike something that’s physically built-in to a router-device, a Software Firewall is one that is running on a computer. There are two types, one that blocks network traffic from dialing-in through certain extensions, and one that blocks other software from connecting to the internet. Most of today’s software-based Firewalls, including the built-in-to-Windows Firewall, provide both of these types, to a certain extent.
Ports vs. Programs
When an application like Internet Explorer calls up a website, it ‘dials’ an extension (number 80 for normal HTTP based web pages). This extension is called a “Port”. So when you go to google.com, you’re actually ‘calling’ google’s web-server’s port number 80. This happens automatically on the back end. Some other programs, like your Outlook, calls different port numbers to send/receive e-mail. There are thousands of different ‘ports’ that may or may not be allowed to travel through your firewall.
Software-based Firewalls can block not only network ports (like Hardware Firewalls do), but also can prevent an individual program from using any port. Since some programs need to access the internet to work, this means that hard-core firewalls might prevent a program from working…
So … what Firewall do I need?
The answer is not super-straightforward, but it’s not too complicated:
If you have a router, then most of the bad stuff won’t even get to your computer, and then you don’t need a software-firewall that’s too agressive at blocking programs. The built-in Windows firewall will do just fine for you, especially if you have anything newer than Windows XP. A lot of “Internet Security Suite” programs like Norton, Webroot Spysweeper, even the Paid-for version of AVG, offer to replace the Windows firewall for one they’ve made themselves, and it can actually make your system performance suffer.
If you are paranoid about the FBI watching you, then instead of getting an Anti-virus/Firewall combo software, get one software that’s known for its decent Anti-virus portion, and another that’s known for its Firewall capabilities. A Personal Firewall is a form of Software-Firewall that will assume everything needs to be blocked until you ‘allow’ it to pass. This creates a lot of annoying pop-ups at first, but after you’ve set up “always-allow-this-program”-rules for all applications on your healthy system, then you’ll only be warned when something not-so-legit is about to happen. Comodo is a free example, and ZoneAlarm is also well-known.