Firewalls have evolved rapidly over the past 20 years and are nothing like what they were when the internet was in its infancy.
When the internet was young there was barely a mention of a firewall. The whole concept of the internet was to connect things together, while a firewall exists for the purpose of preventing connections. Over time security became a priority and all sorts of firewalls started popping up.
When you go looking for a firewall for your home network you quickly learn that there are many different types with many different names, coupled with some pretty heavy advertising. Here's what you need to know to make an informed decision about which firewall technology is right for you.
Firewalls vs. AntiVirus vs. Anti-malware vs. Cyber Security
It's important to clarify some terms that frequently get mixed up quite often on the net. When you research internet security software you are inevitably going to read about firewalls, antivirus software, anti-malware software, and cyber security packages. Let's review them all briefly.
Strictly speaking a firewall is only concerned with data coming in and out of a computer or network. Its sole purpose is to allow, route, or disallow data in or out based on rules. Anything other than that and a firewall starts branching into other technologies.
Firewalls come in hardware and software varieties, each with their own plusses and minuses.
Hardware firewalls protect your entire home network and do not slow down your devices, but tend to have fewer options.
Software firewalls are installed on the device that they need to protect and only protect that individual device. They can slow the device down since they run on the device, but they tend to have a richer set of options.
You can read more about hardware and software firewalls in our article Hardware vs. Software Firewalls.
Firewalls do not block a program from doing something malicious on your device or computer, and they do not prevent software from installing on your computer. They only block data from going in and out of the internet. This is useful to block individual websites or to block large categories of websites based on published lists.
Everyone has heard of antivirus software and by now most people realize that they need some form of antivirus software on their computer. For almost 10 years now both Windows and Mac personal computers have come with some sort of built in antivirus software that is actually quite reasonable in its effectiveness to block actual computer viruses.
The real problem with the built in antivirus software is that what makes a virus is a very narrowly defined term and usually excludes some things that people do not want on their computers.
Not a Virus
- Remember those horrible browser bars that everyone seems to get infected with but don't actually want? Not a virus.
- Ever end up with strange icons next to your clock that helpfully remind you of a sale, coupon, or weather event? Not a virus.
So while antivirus software is necessary to have running on your computer it's not enough. Additional software in the form of malware protection is needed.
Malware is software that you don't want for any number of reasons, and it's really hard to separate it from viruses. Malware is software that does any of the following:
Characterists of Malware
- Installs itself when you didn't want it
- Acts intrusive and pops up in your face when you don't want it
- Starts at boot up, even though you don't want it
- Spies on you and phones home your personal info, when you don't want it.
- Uses excessive amounts of system resources, when you don't want it.
The key here is "when you don't want it". Sometimes malware is referred to as "potentially unwanted programs".
Some malware acts so intrusive that antivirus software makes give in and go ahead and declare it a virus, but this doesn't happen nearly often enough. Anti-malware software, on the other hand, tends to be quite aggressive at identifying and removing unwanted programs. For this reason most people need both antivirus and anti-malware software.
Some anti-malware software runs continuously in the background the same as antivirus software. This is usually true of the paid for software like Norton and ZoneAlarm. Other anti-malware software only runs when you ask it to. This is the case with the excellent and free Malwarebytes Anti-Malware.
Cyber security is a catch-all term that can include firewalling, antivirus, anti-malware, and other evolving technologies. Generally cyber security packages include all of these features, plus some additional options, such as:
- Anti-Phishing software can help protect you against phishing attacks, which is where websites attempt to confuse you into entering your password or credit card info on the wrong site so that they can steal your data.
- Identity protection software can help protect your logins automatically when websites try to steal your personal information as you browse the web.
- Parental control software is designed to allow a parent to limit what their kids can and cannot see on the internet.
- HIPS, or Host Intrusion Prevention System, is software that attempts to block virus and malware from installing by monitoring what they are attempting to do and restricting known vectors of infection, such as changing your computer's startup options.
There are a few very popular all-in-one Cyber Security packages out there that include most or all of these features. The 3 that come to mind are ZoneAlarm Extreme Security, Norton Security Deluxe, and Comodo Internet Security. All of them have an upfront cost and a yearly maintenance cost.
Do You Need a Firewall
Short answer: Yes! It is imperative that you have a firewall protecting your computer from the internet, but it is not necessary to pay for it. There are a variety of free and paid options that you can choose depending on your level of expertise.
Keep in mind that both your router and your desktop operating system already have a significant amount of protection built in. If you are using Windows 7, 8, or 10 or OS X then you already have a software firewall running, and if you are on your home network then your router is already providing a limited type of incoming connection blocking.
However, if you have high value information on your network or if you engage in risky internet behavior like visiting piracy and hacking sites then you may want to increase your default level of security with some other similar software that is not technically a firewall but is frequently bundled with cyber security software suites.
We've put together a recommended setup that mimics the protection provided by some of the more expensive security suites but is composed of all free software.
Free Cyber Security Software Suite
The above setup will offer a tremendous amount of protection for literally zero cost and very little maintenance. It will not offer any sort of Anti-Phishing, Identity protection, or very much in the realm of parental controls. To get those features you have to purchase a yearly subscription to one of the big providers: Norton, ZoneAlarm, or Comodo.