Personal Firewalls are software applications, which attempt to prevent, or warn about, unauthorized or suspicious network access by other applications on the same computer. They are readily available by sale from many different vendors, frequently reviewed on the web, hailed by some as mandatory on every computer connected to a network, and also panned by others. (See http://en.wikipedia.org/wiki/Personal_firewall for more information.)
Personal firewalls are different from firewalls. Regular firewalls are hardware boxes that protect entire networks. Personal firewalls are software applications, which only protect one computer, the one they are running on. You can think of a regular firewall as generally protecting one local network from the bad guys on the internet, and a personal firewall as protecting one single computer from everything else that the computer is connected to, not just the internet.
Aside from their security merits, there are three key things that every computer user should know about personal firewalls.
1) There is almost always one that is built into the operating system and also one shipped on purchased desktop computers, so whether you know it or not, most likely you have at least one running on all your computers, and perhaps even more than one.
2) They may view everything connected to your computer as being a potential threat. That means other computers in your house, your network storage, your network printer, your network scanner, and even your home router/firewall are all considered potential bad guys who might harm your computer.
3) They enforce a defined security policy, a set of rules about what is allowed and what is not allowed.
Let’s talk more about the security policy. Each personal firewall comes with some defined set of rules which can be changed later, but since they know it would be unreasonable to expect their customers to sit down at their computer for hours and figure out what rules they want enforced, these firewalls also try to figure out what to do "on the fly" when some suspicious activity happens. A suspicious activity could be a message coming form the network that the personal firewall didn’t expect. It could also be a message going out from an application, which the firewall didn’t know had permission to send that message. When something like this happens, they pop up a message asking you if this suspicious activity is ok or not. If you say no, then the personal firewall blocks that message. The application trying to send a message does not know that a firewall blocked the message; all the application knows is that the message failed for some unknown reason. In addition, the firewall may block any future attempts to send or receive a similar message without prompting again. For people who click without reading when something pops up (just to make it go away), they could be wreaking havoc on their network applications without knowing it.
Each firewall works somewhat differently than others, and even when they have similar types of settings, they may have different default values for those settings. For example, some firewalls stop blocking communication when disabled, but some continue enforcing their defined policy, and some just start blocking everything. Another example is that some firewalls’ default behavior is to pop up messages the first time a program attempts a network connection, but other firewalls do not unless the user configures it to work this way. Finally, some firewalls even have different modes of operation that change automatically over time, such as a "learning mode" (unique different policy) that is used when the firewall is first installed, which changes to a "normal mode" some time later.
You should realize by now that firewalls are quite sophisticated with many options and controls, and each firewall works somewhat differently. This can make them a challenge to manage, even for those with knowledge of networking.
Next time, I’ll suggest some helpful ways to manage personal firewalls in easy safe ways.