Network Security guide for the home or small business network – Part 2 – A Software Firewall



Do I really need a hardware firewall? I’m running XP Service Pack 2 with the built in firewall? (or norton, or zonealarm?) Well, personal firewalls (the name that software firewalls go by) are good for a great many things that hardware firewalls AREN’T. They do have their limitations though and I’ll try to cover those in this post. Of course, a software firewall is running on the pc that you use to connect to the internet and one of the functions it serves is to “close the doors and windows” or those open ports that a computer can listen for connections on.


The disadvantage of a personal firewall is a very big one. It’s VERY susceptible to being disabled. I had a user once that I had setup with a personal firewall and one time I visited to investigate a possible virus and noticed that the firewall wasn’t running. I was told that “something popped up asking me to turn it off, so I did.” I wondered if a thief came up to the door and asked them to quit using the deadbolt if they would do so. Unfortunately, it’s essentially the same thing. However, let’s say you get a malicious attachment in email that you click, that can disable your firewall. Or, the more mundane breach, a program ran and tried to act as a server and you said “ok”, then you have open ports listening for connections.

Now, you might be thinking software firewalls are useless…. but no they’re not. They do have their place. One very useful aspect is their ability to control programs access to the internet and notify you when a program has changed or requests access to the internet for the first time. The only problem is that you have to have an idea of what programs may need to use the internet to be able to make a good judgement. Zonealarm was typically a “noisy” firewall in the sense that if you opened Internet Explorer it would say “Iexplore is attempting to access the internet. Is that ok?” etc. Like I said, you will need to learn what is normal to make good decisions here. Mail programs, network utilities, web browsers all typically need to access the internet. They RARELY need to act as a server (actually listen for inbound connections).

Are personal firewalls essential? Let me put it this way. You should have a hardware firewall. If you don’t, then a software firewall can “make do” until you get a hardware firewall. Once your network is protected by a true hardware firewall, software firewalls can still be useful. (Allowing/disallowing programs from accessing the network/internet and protecting pcs from other machines on the internal lan.) If you have a small LAN with trusted access (and no wireless) it may be less of a priority to keep a software firewall. They can make networking machines a bit more tempermental. Also, if they don’t “remember” that iexplore (internet explorer) and the like are allowed to access the internet they can be pesky and tedious.

On a larger LAN, or network with laptops coming and going from home/other networks and with possible public wireless access or other groups of untrusted access… YES use software firewalls.

Don’t install and use just anything that pops up from an ad online. Read (not just from their site, but search for the name of the product and find third-party information.) I once de-installed a program that claimed to be a firewall but in fact had left dozens of ports open to the outside world. Also it’s worth keeping in mind how “noisy” a firewall is. Will it ask for users to answer a question everytime they start a program or will it be fairly quiet?

   Send article as PDF   

Similar Posts