Personal firewall
A personal firewall is an application which controls network traffic to and from a computer, permitting or denying communications based on a security policy.[1] Typically it works as an application layer firewall.
A personal firewall differs from a conventional firewall in terms of scale. A personal firewall will usually protect only the computer on which it is installed, as compared to a conventional firewall which is normally installed on a designated interface between two or more networks, such as a router or proxy server. Hence, personal firewalls allow a security policy to be defined for individual computers, whereas a conventional firewall controls the policy between the networks that it connects.
The per-computer scope of personal firewalls is useful to protect machines that are moved across different networks. For example, a laptop computer may be used on a trusted intranet at a workplace where minimal protection is needed as a conventional firewall is already in place, and services that require open ports such as file and printer sharing are useful. The same laptop could be used at public Wi-Fi hotspots, where it may be necessary to decide the level of trust and reconfigure firewall settings to limit traffic to and from the computer. A firewall can be configured to allow different security policies for each network.
Unlike network firewalls, many personal firewalls are able to control network traffic allowed to programs on the secured computer. When an application attempts an outbound connection, the firewall may block it if blacklisted, or ask the user whether to blacklist it if it is not yet known. This protects against malware implemented as an executable program. Personal firewalls may also provide some level of intrusion detection, allowing the software to terminate or block connectivity where it suspects an intrusion is being attempted.
Features
Common personal firewall features:
- Block or alert the user about all unauthorized inbound or outbound connection attempts.
- Allows the user to control which programs can and cannot access the local network and/or Internet and provide the user with information about an application that makes a connection attempt.
- Hide the computer from port scans by not responding to unsolicited network traffic.
- Monitor applications that are listening for incoming connections.
- Monitor and regulate all incoming and outgoing Internet users.
- Prevent unwanted network traffic from locally installed applications.
- Provide information about the destination server with which an application is attempting to communicate.
- Track recent incoming events, outgoing events, and intrusion events to see who has accessed or tried to access your computer.
- Blocks and prevents hacking attempt or attack from hackers.
Limitations
Firewalls help protecting internal network from hackers, However firewall do have some limitations.
- If the system has been compromised by malware, spyware or similar software, these programs can also manipulate the firewall, because both are running on the same system. It may be possible to bypass or even completely shut down software firewalls in such a manner.
- A firewall can't notify, if it has been incorrectly configured.
- Firewall may limit access from the Internet, but it may not protect your network from wireless and other access to your systems.
- Firewalls and Virtual Private Networks are not the only solution to secure private documents and emails that are either sent within an organization or to other business contacts that are outside the organization.
- The alerts generated can possibly desensitize users to alerts by warning the user of actions that may not be malicious.
- Software firewalls that interface with the operating system or with other firewalls or security software at the kernel mode level may potentially cause instability and/or introduce security flaws.[2]
History
In the mid 1990s, as a part of the information security architecture project for a Fortune 100 corporation in the United States (the Anheuser-Busch Corporation), one of the members of the three-man architectural development team came up with a concept with regards to improving the overall security of the operating system to be used on all the computers within this networked system (a network system referred to as BudNET). Improving the overall security of an operating system is commonly referred to as "OS Hardening." The member of the team that was charged with this was SSgt. Donald R. Woeltje Jr. and the concept he came up with was the installation of special software (firewall software) on every BudNET server, workstation, and perimeter security device. Indeed, every single Windows system on the BudNET network. This is a concept that is now commonly referred to as "personal firewall" software. So, while SSgt. Woeltje did not invent personal firewall software, he did invent the idea of the "personal firewall." Evidence of this fact exists in the Anheuser-Busch Security Model Proposal document made by SSgt. Woeltje, at the time. When SSgt. Woeltje brought in all the leading firewall vendors for meetings concerning the products being considered for use for the perimeter security of the BudNET network, SSgt. Woeltje brought up the concept of the "personal firewall" with the vendors and asked them if they had any firewall product that could be used in this way. With the exception of the representatives from the Cyberguard Corporation, every vendor said that not only did that not have any firewall software that could be used in this way but they also said that the idea was crazy and unworkable. But, today we know they were wrong because the use of personal firewall software has become a de facto computer security standard. The companies that SSgt. Woeltje discussed "personal firewall" software with were, among others, Cisco, Checkpoint, Axent Technologies, Milkyway Networks, Cyberguard, Network ONE, Trusted Information Systems, and Secure Computing Corporation.
References
- Personal Firewall – Make IT Secure
- "Firewall Limitations". Brighthub. 2010-12-14. Archived from the original on 2014-08-14. Retrieved 2014-03-28.
External links
- Software Firewalls: Made of Straw? Part 1 and Part 2 – explanation of design, and discussion of susceptibility on Windows computers to circumvention by a Layered Service Provider.
- Software Firewall Test Rankings, Matousec, 2014