Firewalls - what they are and what they do?

Businesses are using the internet as a tool more and more every day, and whether it is to improve communications, access data or boost business efficiency no one can deny the usefulness of the World Wide Web...

There is of course a downside to having unlimited access to information 24 hours a day at the touch of a button. By logging onto the internet you become part of the net, which means anyone else online can potentially gain access to you and your computer network at the touch of a button. So how do you use the web without becoming vulnerable to attack? Easy, get a firewall.

What is a firewall?

A firewall is a barrier, a shield. It's a mechanism to protect your PC or network (two or more PCs connected together), from an untrusted network - namely the internet. As such, it should be an important part of any computer or network security system. It cannot provide you with 100% security - nor should you expect it to. Only disconnecting your computer from the internet could do that and that's an impractical and extreme measure. It's much easier to set up a firewall that can provide adequate security for your computer network and prevent unauthorised access from hackers.

Why use a firewall?

Well you wouldn't leave your car running with the doors unlocked and the keys in it, would you? That would be inviting a thief to steal your car. The same should apply for your computer network and all your information that you store on it.

Hackers are like thieves in a sense; if they get into your network they can delete files, reformat your hard drive or place incriminating material on your computers. Hackers can steal personal information from your computers - anything from credit card details to bank account numbers and passwords, and they don't stop there.

They also look for vulnerable computers from which they can log into and from which they can stage attacks on other systems. What is worse, you could be viewed as responsible and/or liable for the damage they do by logging on from your computer. You may well be thinking it will never happen to me, there are hundreds of other people without computer security out there - well think again. Hackers now use advanced software that searches and scans the internet for unprotected computers to hack into.

Using a firewall is the same as locking your car door - you are making it more difficult to steal. While a firewall does not guarantee 100% security (remember there are viruses, bugs and very persistent hackers out there), it's a highly effective yet simple means of providing security.

What does a firewall do?

A firewall monitors traffic and information that is transmitted to and from your PC or network, it acts as a security guard and it only permits certain information through. Firewalls monitor the points of access between your network or computer and the internet, thus making it easier to prevent unauthorised access from hackers. They also act as an alarm alerting you to the possibility of unauthorised information being transmitted out of or into your PC.

What kind of firewall is right for me?

A good way of estimating your risk is to look at the type of internet connection you have. If you have a dial up connection and are only online for couple of hours a day, then each time you log onto the net your address will probably be different which makes it difficult for hackers to trace you and to continue hacking your system. All you will really need is a basic firewall that allows you to block inbound and outbound connections.

If you have broadband, an ASDL or leased line connection you are connected to the internet 24 hours a day, and have a permanent address. Once a hacker has located you, they will be able to find you again because your computer address never changes. If this is the case then it's important to get a more advanced firewall, possibly with a stealth option especially if you have valuable business information you need to protect.

How the internet works

When your computer or network talks to the internet it makes a connection and information leaves or enters through ports - think of them as doorways. When you request a web page like Amazon.co.uk, you are downloading information - requesting information to come to your computer through a doorway. Conversely when you send information from your computer like an email, you are uploading information through a doorway or port.

Configuring a firewall

It is very important to configure your firewall properly so that you have control over the information that enters or leaves your computer or network. It's also really easy to do, firewalls come with help guides and specific manuals, and are very easy to install and configure.

When configuring there are a few ports and programs that the majority of people use, and should be left open but monitored. Port 80 is the worldwide web port, Ports 25 and 110 are email ports for example used by Microsoft Outlook. If you own and manage your own website then you will need to keep Port 22:21 open, but any ports you don't use you can block

Numerous programs like Internet Explorer, Outlook, Outlook Express, Netscape, Windows, Windows media player and Barclays Business Manager need to communicate with a server to work, or may be sending information about your computing habits to the program owner. You should control the outbound information from these.

A basic rule

The basic rule should be that if a program, for example Windows Media Player, tries to send information out of your computer your firewall should block the transmission until it has asked you personally if you want to allow the program to transmit information. If you don't then you can run a virus scan, eliminate any risk and stay protected. If this seems overwhelming don't worry, it's easy to allow some programs like Internet Explorer and Barclays Business Manager full access rights to the internet, so your firewall only prompts you when unknown programs are trying to access it.

Whichever firewall you choose - and you may want to do a bit of research to find out which one is suited to your security needs, remembering that even with a firewall in place you can still get burned - a firewall should be just one part of your network security policy.