Internet Security for Home Users – Setting Up a Firewall

This blog is the second installment in our Internet Security for Home Users series. In this series, we’ll explore tips and strategies to keep your home internet secure, including network troubleshooting, modem setup, firewall configuration, and VPN usage. In this post, we’ll cover what firewalls are and how to enable them on your devices.

What is a Firewall?

A “firewall” is a system that helps block unauthorized access to your computer or network, much like how a physical firewall prevents fires from spreading. It filters out harmful traffic while allowing safe and legitimate data to pass through, ensuring your devices and data remain secure.

Types of Firewall Architectures

1. Packet-Filtering Firewalls
   These are the oldest type of firewall. They create a checkpoint at your router where they examine the data packets based on basic information like the source and destination IP address, port number, and packet type. However, they don’t look at the actual content of the packet. If the packet doesn’t meet certain criteria, it’s dropped. While they don’t use many resources, they can be bypassed by malicious packets that seem legitimate on the surface.
2. Circuit-Level Gateways
   Like packet-filtering firewalls, circuit-level gateways don’t inspect the data packet itself. Instead, they verify the Transmission Control Protocol (TCP) handshake to ensure the packet is coming from a trusted source. However, these firewalls can allow malicious packets that have the correct handshake to pass through.
3. Stateful Inspection Firewalls
   These firewalls use both packet inspection and TCP handshake verification, offering a higher level of security compared to the previous two. While they provide better protection, they require more computing resources, which can slow down the transfer of legitimate data.
4. Proxy Firewalls
   Proxy firewalls, or Application-Level Gateways, operate at the application layer to filter incoming traffic between your network and the source of the traffic. They establish a connection to the source, inspect the incoming data, and only allow the packet through if it passes security checks. These firewalls offer strong security by performing deep packet inspection but can slow down the system due to the extra processing involved.
5. Next-Generation Firewalls
   Next-generation firewalls combine features like deep-packet inspection, TCP handshake checks, and surface-level packet inspection. They may also include intrusion prevention systems (IPS) that automatically stop attacks. However, since the term “next-generation firewall” is not strictly defined, it’s essential to understand what specific features the firewall offers before making a purchase.

Methods of Delivering Firewall Functionality

There are three main ways firewalls can be delivered: through hardware, software, or the cloud.

1. Hardware Firewalls
   These are physical devices that sit between your network and the internet, intercepting data packets before they reach your devices. They are great at protecting the perimeter of your network but can be limited by their ability to handle multiple connections at once, leaving room for insider threats.
2. Cloud Firewalls
   Also known as Firewall-as-a-Service (FaaS), cloud firewalls are cloud-based solutions that filter incoming traffic. A major advantage of cloud firewalls is their scalability, which allows them to handle large traffic loads. These firewalls excel at perimeter security, but they are typically better suited for businesses rather than home users.
3. Software Firewalls
   These firewalls are applications installed directly on your devices. They don’t require any external hardware or cloud services to function and help protect individual devices by isolating them from each other. However, it’s essential to check compatibility between the firewall and your devices. Additionally, managing software firewalls on multiple devices can be time-consuming.

How to Check Whether Your Firewall is Active

Both Windows and Mac devices come with built-in firewalls, though they have some differences in how they’re configured. On a Mac, the firewall is usually off by default, as Macs are less likely to be infected by worms compared to Windows systems.

For Windows users, follow these steps to check the firewall status:

1. Go to the Start Menu > Settings.
2. Click Update & Security, then select Windows Security.
3. Click Firewall & Network Protection.
   Here, you’ll see the status of your firewall for different types of networks (domain, private, and public). You can also enable or disable it from this menu.

For Mac users:

1. Open the Apple Menu > System Preferences.
2. Click Security & Privacy, then select the Firewall tab.
   If there’s a lock icon at the bottom left, you’ll need to unlock it first to make changes.

By enabling your firewall and keeping it active, you can significantly improve your home network security. If you find it difficult to manage, don’t hesitate to reach out for professional assistance.