Software Firewalls
- Zone Alarm
- How Software Firewalls Work
- Visible Alerts
- Temporary and Permanent
Access & Blocks - Program Control
- Incoming Alerts
- Are Two Firewalls Better Than One?
- Windows XP Firewall
- Hardware Firewalls
- The Trusted Zone
You are especially at risk if you have broadband or leave your PC running unattended for long periods of time. Broadband because of its 'always on' nature, unattended use because you stand no chance of noticing when a problem occurs.
Zone AlarmThis article is based on using the software product Zone Alarm by Zone Labs. This is free for non commercial use. In September 2005 it was a 9,128Kb download.I don't intend to claim that this is the product for you. But in my opinion its reliable not to fussy to setup/use and works well. Well suited for the home user who wants a free product. The Pro version (pay version) frequently gets good reviews too.
How Software Firewalls WorkA firewall acts as a barrier between the PC and the outside world. Software Firewalls work by blocking unauthorised access from the outside and also force software already on the PC to request access to the internet before allowing the software to send out any data.Software Firewalls are installed as memory resident software at machine start-up. The firewall software monitors all input and output between the internet/network and the PC. Access can be either granted for a trusted application or blocked a unknown application. Visible AlertsOne useful feature of the software is the Zone Alarm icon in the system tray. This changes to two coloured bars to show both upload and download traffic to and from your PC. If the normal ZA icon is visible Zone Alarm is not aware of any traffic.Temporary and Permanent Access and BlockingMany more applications want access to the internet than you would normally expect. These vary from applications in the operating system itself, programs that check for software updates, the real player event viewer, through to more nasty programs monitoring what pages you visit or indeed a trojan virus.Is worthwhile taking a cautious approach and minimise what applications have access at first. A pop-up window will open each time any software attempts to access the internet. If you temporarily block an application and something vital stops working then allow it on its next attempt, when you are sure its safe, give it permanent access. If you want to block some of the applications take a similar approach, block them temporarily if nothing vital stops working make it a permanent block. Program ControlIf you make a mistake use the program control section of Zone Alarm to clear the access permission. Highlight the program you wish to change and use the 'Delete' key to remove it from the program list. The next time the program runs, Zone Alarm will ask you what access rights the program should be given. |
Incoming AlertsThe other side of firewall security is blocking incoming access.Alerts for incoming communications requests are harder to understand. Zone Alarm will give limited advice on what they mean. Don't be too paranoid as most are normal server requests. In Zone Alarm click on 'Firewall' and set the Internet Zone Security to High at first and only consider reducing this if you have any problems. Hardware FirewallsHardware firewalls or routers allow further control in blocking access to a network PC. They make the PC or network less visible to the outside world but do not give control to block outgoing communications easily.Windows XP FirewallWindows XP users also have a built in firewall option bundled with the operating system. Its not so easy to use as Zone Alarm however. It only works one way at present, that is in blocking unauthorised incoming communications.Are Two Firewalls Better Than One?No although this is a matter of opinion, my reasons are:
The Trusted ZoneIf you share resources on a network Zone Alarm can cause difficulties by blocking legitimate data requests. You can set-up individual or ranges of TCP-IP addresses with greater access to and from your PC using the Trusted Zone feature.Internal devices with a separate TCP-IP address (such as some digital TV cards) should also be set-up in the Trusted Zone.
Peter Frost - Bristol PC Services
Last Revised 2nd November 2005 |