Buyer’s Guide: Hardware Versus Software Firewalls

By Joe and Ron of Neighborhood Techs

Undoubtedly, you’ve heard about viruses, hacker intrusions, trojan horses, and more that are constantly trying to bring your PC down. Is there a single thing that you can buy, like a hardware firewall, that can keep your PC safe?

Firewalls are designed to protect you from outside attempts to access your computer, either for the purpose of eavesdropping on your activities, stealing data, sabotage, or using your machine as a means to launch an attack on a third party. The vast majority of firewalls can’t protect you from virus attack, though. We’ll talk about viruses in a minute.

Basically, the way a firewall works is that it sits between your cable or DSL modem and your computer and watches the network traffic going in and out of it. The ports represent “channels” carrying various types of traffic like Web traffic (port 80), e-mail (25 and 110), and DNS (which resolves URLs53). Firewalls monitor network conversations and filter out unauthorized traffic and traffic that exhibits certain suspicious behavior or characteristics.

If you are using a broadband internet connection such as cable or DSL, most experts recommend that you start with a hardware firewall. They’re effective, inexpensive, and easy to configure. A decent hardware firewall can cost as little as $50 and provide excellent protection against common forms of attack. You should check the reviews to find one that is right for you. A firewall is built into almost every router these days – you use a router for sharing Internet access among multiple computers.

A software firewall can be a good choice too, but software firewalls can vary wildly in their capabilities and effectiveness and they can also be tough to configure if you’re not knowledgeable about TCP/IP. This is because software firewalls typically give you a lot more fine control over what gets allowed in and out. Personally, I would recommend using them in addition to, not instead of a hardware firewall.

One benefit of software firewalls is that they often include additional components that do things like guard your computer against infiltration by Trojan horse programs. (These are programs that are transferred to your computer unbeknownst to you, usually hidden in something like a downloaded file, picture, or e-mail attachment. They sometimes even send information from your computer to somewhere else, so some firewalls check for unwanted outgoing traffic as well.)

Some software firewalls even claim to suppress pop-up and pop-under advertisements, which can be incredibly annoying but are not generally dangerous.

One thing to watch out for on the software firewall front is that it seems to be moving to a subscription model (like anti-virus software before it). Therefore, it pays to do your research before buying. Some vendors, like Zone Labs, also offer a basic version of their firewall you can download for free.

All of the alerts that you may get from a firewall are probably a mix of legitimate activity and unsolicited traffic, with people attempting to gain access to your computer and see if it has anything interesting on it. Keep in mind that alerts from a firewall are not necessarily an indication that your system is being compromised; they could be a result of a firewall blocking suspicious traffic. If you are obtaining lots of alerts, you should read the alerts carefully and regularly, and adjust your firewall settings accordingly.

As I mentioned earlier, most firewalls won’t fend of viruses, so anti-virus software of some kind is a must. In my personal opinion, which program you use or when you bought it doesn’t matter that much as long as you update the virus definitions on a regular basis. Most programs can be configured to automatically update themselves, so you don’t even have to think about it.

Making sure your definitions are current is absolutely crucial. Rarely does anyone get a virus that was written years ago; it’s usually one that is very new and was previously unknown. The anti-virus software vendors usually update their definitions as soon as a new virus is discovered, so make sure you download them regularly.

In summary, the best security strategy includes hardware and software, but most of all, vigilance.

Reprinted from

Firewall Shopping 101

Small Business Computing Staff
Small Business Computing Staff
Small Business Computing addresses the technology needs of small businesses, which are defined as businesses with fewer than 500 employees and/or less than $7 million in annual sales.

Must Read

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.