Every business organization that’s connected to the Internet needs a firewall to protect the internal network from attacks, but selecting the right firewall can be an overwhelming task. Computer and network security needs have changed drastically over the past several years, and firewall technology has evolved to meet those new, more demanding needs. The traditional firewall was a fairly simple contruct: it sat between the LAN (or in the case of personal firewalls, an individual computer) and the “outside world” of the Internet, and filtered packets coming in – and in some cases, going out – based on information in the Layer 3 and 4 headers (IP, TCP, UDP, ICMP). The decision to accept or reject a packet was usually based on the source or destination address or port number.
As attackers grew more sophisticated and began to exploit higher layer protocols (DNS, SMTP, POP3, etc.), firewalls had to do more. Most business-class firewalls today perform at least some application layer filtering, or ALF. See my article “ALF: What is it and How Does it Fit into Your Security Plan” on this site for details. ALF is necessary to prevent application layer attacks and to filter for spam and viruses, or to perform content filtering to block objectionable Web sites based on content rather than just IP address.
Firewalls today are often more than “sentries” at the network gate. Vendors have added other features that aren’t strictly firewall functions, such as VPN gateway and Web caching. Almost all modem firewalls other than those at the very low end support VPN, and many either include caching to accelerate Web performance or offer add-on modules for that purpose. In fact, many vendors have started calling their products “multifunction security” devices or software, instead of simply “firewalls.”
A firewall is a software program or piece of hardware that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. If you can’t start Windows Firewall or you are getting an error, use our free tool to diagnose and fix problems.
If you use a computer at home, the most effective and important first step you can take to help protect your computer is to turn on a firewall.
Windows 8, Windows 7, Windows Vista, and Windows XP SP2 or higher have a firewall built-in and turned on by default. (Note: Support for Windows XP ended in April 2014.)
If you have more than one computer connected in the home, or if you have a small-office network, it is important to protect every computer. You should have a hardware firewall (such as a router) to protect your network, but you should also use a software firewall on each computer to help prevent the spread of a virus in your network if one of the computers becomes infected.
If your computer is part of a business, school, or other organizational network, you should follow the policy established by the network administrator.