why you don't need to install a third party firewall(and why you do)
Firewalls are an important piece of security software,
and someone is always trying to sell you a new one. However, Windows has come
with its own solid firewall since Windows XP SP2, and it’s more than good
enough.
You also don’t need a full Internet security suite.
All you really need to install on Windows 7 is an antivirus — and Windows 8 finally comes with an antivirus.
Why
You Need a Firewall
The primary function of a firewall
is to block unrequested incoming connections. Firewalls can block different
types of connections intelligently — for example, they can allow access to
network file shares and other services when your laptop is connected to your
home network, but not when it’s connected to a public Wi-Fi network in a coffee
shop.
A firewall helps block connections
to potentially vulnerable services and controls access to network services —
particularly file shares, but also other types of services — that should only
be accessible on trusted networks.
Before Windows XP SP2, when the
Windows Firewall was upgraded and enabled by default, Windows XP systems
connected directly to the Internet became infected after four minutes on
average. Worms like the Blaster worm tried to connect directly to everyone.
Because it didn’t have a firewall, Windows let the Blaster worm right in.
A firewall would have protected
against this, even if the underlying Windows software as vulnerable. Even if a
modern version of Windows is vulnerable to such a worm, it will be extremely
difficult to infect the computer because the firewall blocks all such incoming
traffic.
Why
the Windows Firewall is Good Enough
The Windows Firewall does the exact
same job of blocking incoming connections as a third-party firewall.
Third-party firewalls like the one included with Norton may pop up more often,
informing you that they’re working and asking for your input, but the Windows
firewall is constantly doing its thankless job in the background.
It’s enabled by default and should
still enabled unless you’ve disabled it manually or installed a third-party
firewall. You can find its interface under Windows Firewall in the Control
Panel.
When a program wants to receive
incoming connections, it must create a firewall rule or pop up a dialog and
prompt you for permission.
When
You Would Want a Third-Party Firewall
By default, the Windows firewall
only does what’s really important: block incoming connections. It has some more
advanced features, but they’re in a hidden, harder-to-use interface.
For example, most third-party
firewalls allow you to easily control which applications on your computer can
connect to the Internet. They’ll pop up a box when an application first
initiates an outgoing connection. This allows you to control which applications
on your computer can access the Internet, blocking certain applications from
connecting.
Power users may love this feature,
but it’s probably not a good feature for the average user. They’ll be charged
with identifying applications that should be allowed to connect and may block
background-updater processes from connecting, preventing their software from
updating and leaving it vulnerable. It’s also a very noisy task, as you’ll have
to confirm a prompt box every time a new application wants to connect. If you
really don’t trust a program to connect to the Internet, perhaps you shouldn’t
be running the program on your computer in the first place.
Nevertheless, if you want
outgoing-connection management, you’ll probably want a third-party firewall.
They also offer an interface where you can more easily view statistics,
firewall logs, and other information.
For most users, using a third-party
firewall just introduces unnecessary complexity.
Advanced
Windows Firewall Features
The Windows firewall actually has
more features than you might expect, though its interface isn’t as friendly:
- Windows offers an advanced firewall configuration interface where you can create advanced firewall rules. You can create rules that block certain programs from connecting to the Internet or only allow a program to communicate with specific addresses.
- You can use a third-party tool to extend the Windows firewall, forcing it to prompt you for permission each time a new program wants to connect to the Internet.
A third-party firewall is a
power-user tool — not an essential piece of security software. The Windows
firewall is solid and trustworthy. While people can quibble about the Microsoft
Security Essentials/Windows Defender virus detection rate, the Windows firewall
does just as good a job of blocking incoming connections as other firewalls.