What's a firewall, and how do I set one up?

Helping people with computers... one answer at a time.

A firewall is critical to keeping your internet-connected computer safe. We'll review what a firewall is and the two different types of firewalls.

I keep hearing the term 'firewall' and how I need one when I connect my computer to the internet. What's a firewall, why do I need one, and how do I set one up?

•

Many types of viruses and other types of malware can be prevented simply by using a good firewall.

In your car, a firewall is the "wall" of metal between you and the engine. Its purpose is to prevent engine fires from reaching you.

A firewall for your computer is much the same - the point is to keep you from getting burned.

Let's look at the two common types of firewall.

•

Network-based threats

A firewall fundamentally protects your computer from network-based threats.

Almost all computers on the internet are under constant attack. Malware on other machines, hackers, bot-nets, and more are waging a slow but extremely persistent war, checking for any unprotected vulnerabilities on other internet-connected computers. If they find such a vulnerability, they then infect the machine that they've found or worse.

"Almost all computers on the internet are under constant attack."

The basic concept of a firewall is very simple: it blocks or filters certain types of network traffic from ever reaching your computer.

Traffic that you want to reach your computer:

Websites pages that you visit
Software that you download
Music or videos that you might watch
And more...

Other traffic that you definitely don't want:

Your neighbor's machine infected with a botnet trying to connect to your machine over the network to spread the infection.
Overseas hackers trying to gain entry to your machine over the network to steal your personal information.
And more ...

A firewall knows the difference.

Hardware firewalls, like your router

A router sitting between your computer and the internet is one of the most effective and cost-effective firewalls that the average computer use can have.

The router's job is to "route" data between the computers on your local area network and the internet.

Routers also allow you to share an internet connection by what's called "Network Address Translation". As it's more commonly referred to, NAT "translates" between your internet-facing IP address and the local IP addresses that have been assigned to your local machines by the router.

Routers then watch for connections initiated by your computer to resources out on the internet. When a connection is made, the router keeps track so that when a response comes back on that connection, it knows which of your local machines to send the data to.

The side effect is that if an outside computer tries to start a connection, the router doesn't know which computer to send it to. All it can do is ignore the attempt.

That effectively blocks everything on the internet from trying to start a connection to a machine on your local network.

And that makes your router a powerful incoming firewall.

Your router will not, however, filter outgoing traffic.

Software firewalls

Software firewalls are programs that you install on your computer. They operate at a very low level - as close to the network interface as possible - and monitor all your network traffic. While all of the network traffic still technically reaches your machine, the firewall prevents malicious traffic from getting any further. Much like a router, a software firewall prevents the rest of your system from even realizing that there is any malicious traffic.

In addition, some software firewalls can often be configured to monitor outgoing traffic. If your machine becomes infected and some malware attempts to "phone home" by connecting to a known malicious site or tries to infect other machines on your network, a software firewall can often warn you and block the attempt.

All versions of Windows after XP have a software firewall built in and all versions after Windows XP SP2 have it turned on by default. Windows may even annoy you into ensuring that the firewall is either turned on or that you're aware of the risks in not having it turned on.

The Windows firewall is primarily an incoming-only firewall.

Choosing and setting up a firewall

In general, I recommend using a broadband router as your firewall.

"Software firewalls are critical when you can't trust other computers on your local network."

There is disagreement as some believe that an outgoing firewall is important. My position is that an outgoing firewall doesn't really protect, but it simply notifies after something bad has happened.

Routers are pretty common and nearly a requirement for anyone who has more than one computer sharing an internet connection. If you have a NAT router, you have a firewall without needing to burden each computer with additional software.

Software firewalls do make sense in a very important situation:

Software firewalls are critical when you can't trust other computers on your local network.

Don't trust the kids' ability to keep their computer safe from? Enable the software firewall on your computer.

Heading out to the local open WiFi hotspot? Turn on the Windows firewall immediately.

In later versions of Windows, the built-in firewall has matured to the point where it's actually quite reasonable to leave it on all the time, even if you're behind a router. It seems to impact operations very little and saves you from remembering to turn it on when you travel or have that not-so-trustworthy guest on your network.

Firewalls are only a part of the solution

The bad news is that a firewall can't protect you from everything. A firewall is focused on protecting you from threats that arrive via malicious connection attempts over the network. A firewall will not protect you from things that you invite onto your machine yourself, such as email, attachments, downloads, and removable hard drives.

Nonetheless, protecting from network remains critically important.

(This is an update to an article originally published May 14, 2004 and updated September 26, 2009.)

Article C1941 - June 5, 2011 « »

A version of this article that can be republished without cost is available at ArticlesByLeo.com terms).

Share this article with your friends:

Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

You may also be interested in:

Firewalls Using a firewall is an important first line of defense against network-borne threats to your computer. This section covers questions and answers relating to both hardware and software firewalls, why you need one and when you might not.
What are these access attempts in my router log? Any device sitting on the internet is subject to a constant stream of "internet background noise". It's why you really want to be behind a firewall.
Do I need a firewall, and if so, what kind? Firewalls are a critical component of keeping your machine safe on the internet. There are two basic types, but which is right for you?
How do I turn off the Windows firewall warning? If the Windows firewall is not enabled, Windows will warn you. You can tell Windows that you know what you're doing and don't need the Windows firewall.
Windows Firewall is restricting access to something I want ... what do I do? If Windows Firewall is restricting access to a program you want, there are a few steps to take to allow them access to the internet once more.
Internet Safety: How do I keep my computer safe on the internet? Internet Safety is difficult and yet critical. Here are the seven key steps to internet safety - steps to keep your computer safe on the internet.