You’re getting ready for game night with your friends. You’re just about to challenge them in a race or open battle when you get a security alert from your PC’s firewall. You’re wondering if it’s a bad thing or if you should turn the firewall off.
I’m here to explain more about what’s a firewall in the first place, how it works, and if you should allow some apps to gain access even if the firewall blocked them.
Let’s start with the basics.
What’s a Firewall?
You know your computer comes with a pre-installed firewall. You know you should always have it turned on, especially when using a Windows PC. Still, you may not know the exact purpose of a firewall.
Put simply, a firewall is your network’s defensive barrier that prevents malicious activity from infiltrating your computer. A firewall is central to your cybersecurity defenses. It’s like your home’s alarm system, only your home is your computer in this case. Instead of intruders, it keeps away dangerous online traffic, ensuring no malicious threats or cyberattackers gain access to your device or network.
That’s why it’s best to have both a software and a hardware firewall.
Your computer and security software usually come with a pre-installed firewall (also called desktop, personal, or software firewall). A software firewall protects your device from the inside and controls the behavior of some of your specific apps.
On your personal computer, you need to make sure that you’ve turned the firewall on and enabled automatic updates in the security settings.
Most routers come with bundled firewall protection, also known as external or hardware firewalls. Their purpose is to inspect and scan the network traffic before it reaches your computer. A hardware firewall protects your entire network from any outside threats.
Hardware firewalls provide additional protection to workstations, like servers, printers, and telephone systems, which usually don’t come with a pre-installed software firewall.
With both your computer and your router equipped with firewall functions, your defense gets an extra boost, and you increase your protection from threats.
First, let’s understand how online data works.
Data travels over the internet in small parts called packets. These packets go from one source to another through Internet Protocol (IP) and Transport Control Protocol (TCP).
TCP communicates with IP and inspects transferred data. Their communication process involves checking packets closely to ensure none is lost and all are correctly reassembled.
An email with photo attachments sent from one person to another serves as an example. When the packet inspection is complete, the email is sent and it goes to the recipient’s inbox.
Do I Need a Firewall?
Definitely. Whenever you use the internet, you need your firewall bodyguard. Forgoing firewall protection leaves you exposed to several risks, including financial fraud and identity theft.
Check what happens to your computer with and without a firewall securing your infrastructure in the following table.
With a Firewall | Without a Firewall |
The firewall inspects your network connections and stops possible threats from entering your device. | Anyone can access your network, which makes it harder to detect online threats. |
You’re in full control of your computer and network. | Anyone can seize control of your computer, grab your files and data, or delete them. |
You have a shield to protect your network, computer, and data. | Anyone can crash your entire network, and you risk losing data stored on your computer. |
In a nutshell, a firewall prevents unwanted and dangerous online traffic and malicious software (malware) from getting into your PC or device.
If you disable firewall protection, you leave your PC or other connected devices exposed. For instance, if you turn off a software firewall, worms can harm not just your computer but your entire network connection.
Disabling a hardware firewall can damage all devices connected to a network; for a company, where all employees connect to the same network, this would be cybercriminals‘ perfect scenario allowing them to infect all devices and easily execute malicious code remotely.
How Does a Firewall Work?
Based on pre-established security rules, a firewall filters out harmful network traffic. Software firewalls safeguard data traffic through ports and applications. Ports are merely conventional numbers that help a firewall identify the services you request and what’s included in that request. Port numbers play an essential role in how firewalls work. Port 80, for example, connects you to the internet using the Hypertext Transfer Protocol (HTTP).
A firewall authorizes only incoming network traffic that it was set up to accept.
As part of its inspection process, a firewall looks at each data packet, determines its source, destination, or both, and decides to accept or deny the packet.
7 Firewall Types
Depending on your desired protection and security, you can choose from the following firewalls:
1. Stateless or packet filtering firewalls: These firewalls inspect each data packet individually. Even when a firewall receives many data packets at once, it’ll take a closer look at each packet separately instead of verifying them in bulk. The advantage of this filtering is that it detects unauthorized communication faster and gives your device a strong attack prevention.
2. Stateful firewalls: like stateless firewalls, they examine streams of data. The difference is that stateful firewalls match their predefined rules to a series of packets instead of each packet of data.
3. Application firewalls: These work the same way as stateful firewalls and go a step further. Apart from analyzing the header of data packets, these firewalls analyze their contents too. Think of an application firewall as a full-body scan.
4. Next-generation firewalls (NGFWs): These apply basic firewall security and include advanced security settings like anti-virus protection, encrypted traffic examination, and intrusion prevention. NGFWs also perform deep packet inspection (DPI), which is the evaluation of all data included in the packet. They offer you the option to categorize and deny suspicious packets.
5. Network address translation (NAT) firewalls: These can protect several devices that share the same IP address despite having different network addresses. NAT firewalls’ advantage is that attackers won’t see explicit information because the firewall hides individual IP addresses, so they can’t grab your data.
6. Unified threat management (UTM) firewalls: These cover wider incoming and outgoing traffic protection as they include antivirus, anti-malware, and anti-spyware security. These firewalls also block spam emails and other types of email threats.
7. Virtual (cloud) firewalls: On the whole, these are software firewalls that secure virtual environments but work exactly like hardware firewalls. Their primary function is to inspect network data, marking risk-free and dangerous traffic. Many companies enforce this type of firewall because it allows them to apply company security policies across the entire IT infrastructure.
Now that we’ve uncovered the most common types of firewalls, let’s see which essential firewall settings you should check.
How to Check Firewall Settings
On Mac
- Select the Apple icon from the top left corner of your PC screen.
- Go to System Preferences.
- Click the Security & Privacy tab and then go to the Firewall tab.
- To unlock the Firewall menu, click the lock icon and fill in your administrator name and password.
- Click Unlock.
- Mac disables the firewall by default, so select ‘Turn On Firewall’.
- From the Firewall Options button (sometimes called Advanced), customize your firewall’s settings:
-
-
-
-
- Block all incoming connections – to deny all sharing requests like screen or file sharing.
- Automatically allow signed software to receive incoming connections – to allow an app to receive incoming connections.
- Enable stealth mode (optional) – to tell your computer not to respond to any probing and unexpected requests, like pings.
-
-
-
-
- To add programs to your firewall’s block or accept list:
-
-
-
-
- Select the ‘+’ symbol below the incoming connections window.
- Click the name of one or more apps that you’d like to allow.
-
-
-
-
On Windows
- Go to the System and Security folder from the Control Panel, or type “firewall” into the search bar.
- Check the Private Networks and Guest or Public Networks sections.
- Your firewall is active when these sections have green shields attached to the left.
- Click on any of these sections to see the details about your current private or public networks.
- Click Advanced Settings to see:
-
-
-
-
- Inbound Rules – Windows automatically allows incoming connections.
- Outbound Rules – Windows automatically allows outgoing connections.
- Connection Security Rules – specific rules that determine which connections your computer should allow or block.
- Monitoring – an overview of your firewall’s basic monitoring rules.
-
-
-
-
A firewall is your basic digital security shield, and you should always have it turned on. Despite the numerous types and advanced functions, a firewall can’t fight against online threats by itself. Complement it with additional layers of security like:
An antivirus: a helpful tool that helps you fend off viruses and online risks, including malware, spyware, or ransomware.
A VPN: a VPN keeps you safe online by limiting online tracking; your traffic goes through an encrypted tunnel making it impossible for anyone to read your data.
An ID Guard: CyberGhost VPN’s ID Guard helps you check if your email addresses were ever revealed in a data breach. ID Guard has an ongoing monitoring service, notifying you if your account gets compromised.
FAQ
A stateful firewall is a network gatekeeper that, apart from inspecting a series of data packets and filtering incoming and outgoing traffic, monitors the traffic’s source, ports, and destination IP addresses. A stateful firewall reviews the data packets, checking their connection status, source and destination; then, it compares it with the predefined firewall rules. That way, it determines for which series it should allow network access and for which it should deny it.
Most firewalls (software and hardware included) come with pre-configuration settings. Still, it’s better you check its settings and see if they fit your needs. The main steps for a firewall configuration are:
1- Secure your firewall and update it to the latest security features.
2- You should also delete or disable default user accounts, and change default passwords.
3- Define firewall zones and IP addresses.
4- Craft your network structure and make sure you’ve grouped assets and placed them into networks (or zones) based on similar functions.
5- Create firewall rules, known as access control lists (ACL), and choose which traffic needs permission to transit into and out of each zone.
Sometimes pre-defined rules don’t let a program communicate with the network. Examples include instant messaging apps and online games. By adding exceptions to a firewall, you can unblock (open) new ports. Follow these steps:
On Mac
1- Go to the Apple menu and choose ‘System Preferences’.
2- Click on ‘Security & Privacy’.
3- Click on the Firewall icon and then choose ‘Firewall options’.
4- Choose which apps you want to exclude from the firewall protection.
5- Make sure the chosen apps are set to ‘Allow incoming connections.’
On Windows
1- Go to ‘Control Panel’ and click on ‘Windows Firewall‘.
2- From ‘Advanced Settings’, click ‘Inbound Rules’, then ‘New Rule’.
3- Choose ‘Port for the Rule Type’, then click Next.
4- Select TCP for: Does this rule apply to TCP or UDP?
5- Select Specific local ports and enter the TCP port to allow. Click Next.
Kindly follow these steps to allow an app through your firewall.
1- Click Allow an App or Feature through Windows Firewall.
2- From the Allowed Apps window, select the Change Settings button.
3- Select the check box for apps – check those that you want to bypass the firewall.
Allowing an app through a firewall creates a low security risk. Still, it’s best if you choose to allow apps only when you need to and only for the apps that you recognize or have used before.
Have you ever dealt with an online threat when you had your firewall turned off?
Let me know in the comments below.
Leave a comment