What?

The name firewall first referred to a wall constructed so that it could block the destructive advance of a fire, a fire that might otherwise literally burn it's way from one structure into another.  In a similar way a computer hardware or software firewalls block unauthorized programs from gaining access to a network or even a single PC.  They prevent:

• Planting a virus (e.g. a program that attaches to another program without the user's informed permission),
• Launching a worm (e.g. a self replicating program),
• Carrying in a Trojan (e.g. software that appears to have a known purpose, but which is designed to carry out other, unknown to the user, and probably detrimental purposes as well), or
• Allowing access to Other ill-intended programs.

Why?

In recent years the threat from ill-intended computer programs has become pervasive on the Internet.

• "An unprotected, non-current (e.g. with patches and security fixes) computer running Windows XP would likely become infected with a worm within an hour of being connected to the Internet." Source: 2005 Sophos www-sophos-com, (<--copy, paste & fix) Security Threat Management Report
  
• One tech support service even claims that today..."The average time to infect a brand new Windows XP system with no protection installed is 12 seconds." Source: www-hamsfork-net/support (<--copy, paste & fix)

Regardless of the actual 'time-to-infection' statistic, it's clear that most every PC user, and certainly anyone who has lost time and/or data to ill-intended software, understands that every PC user must do take action to protect themselves.

The four-point response is:

1. Keeping updated Anti-Virus software running continually,
2. Routinely using at least one or more good Spyware detection and removal programs, (Some virus programs are beginning to deal with spyware too!)
3. Finding and applying recent security updates to operating system and applications software, and
4. Installing and using a reliable FIREWALL.

How?

There are several ways to implement firewall protection ranging from a hardware firewall that is designed to protect a handful of users up to hundreds or more, to a software firewall that typically is aimed at protecting a single PC.  In recent years it's become quite common for networks from small to large to routinely use one of each.

SOFTWARE firewalls - offer the benefit (Some feel it's also a detriment) of providing visible evidence of attacks.   

We know from experience that a good way to test the need for a firewall is to download the free Zonelabs ZoneAlarm firewall software and allow it to run as the only firewall between a PC and the Internet.  In too short a time (Just a few minutes when we tried!) you'll see attacking software being blocked with repeated requests to 'Allow' or 'Deny' each intruder case-by-case.

A good software-based firewall will typically include a scan utility to identify and authorize 'en-mass' all the programs on a PC that are likely to try to access the Internet.  Some even come with a built-in knowledge base of typical programs that should be allowed to initiate Internet access. Without such a tool users are on their own to train their firewall software 'program-by-program' and 'attack-by-attack'.  It can be tedious if not annoying, and worse it can be fatal if a user begins simply to say yes to everything effectively training the firewall software to 'NOT' stop anything!

This 'firewall software training' requirement (e.g. adding rules to allow and deny access item-by-item) is a feature that we believe was wisely minimized in Windows XP SP2, so while this kind of fine tuning is possible, it's done against a background of reasonable assumptions about the kinds of activity that are 'OK' preventing users from what might otherwise be a barrage of 'firewall software training' interruptions.

Note:  Conflicts in how software firewalls work and accept 'Allow / Deny' requests make it appropriate to have ONLY ONE software  firewall running at a time.

HARDWARE firewalls - offer very similar protection with the advantage of being able to do it for larger numbers of computers on a network and without using any of the processing power of a PC or network server.  They continually monitor a connection and insure that intruders are not allowed and that internal users and applications can access the Internet as needed.  Hardware firewalls typically can't differentiate between applications so they're likely to treat an Internet Explorer request to display a website just like a virus program's request (One that's already on a PC) to check in with it's author, or to initiate yet another 'line of attack' for an Internet worm.

Our firewall advice is to keep it simple...
There are highly rated software firewalls available from a number of top vendors, but after testing several we don't believe any add the 'extra value' that make them worth the time or money.  So we implement the Windows XP SP2 software firewall on PCs.  And, on networks of more than a few computers we recommend adding (Keeping Win XP SP2 firewall on.) a good hardware firewall (SonicWall is our favorite) that combines all the additional features (Network Switch, DHCP server, remote access pass through, etc.) that are needed.

If you experiment with other firewalls, as we have, you probably won't go wrong,  except possibly to spend more time training and attending to the firewall's discoveries than you may wish to do.

.          .          .          .         .          .         .         .         .          .          .         .          .          .          .         .

If you found this guide interesting or useful would you vote [YES] below.  We're trying
 to build a reputation on eBay one-person-at-a-time, and we'd like your help to do it!  THANK YOU!