To the typical computer user, firewalls are a pain in the neck. Well, let me correct myself: To every user firewalls are a pain in the neck. A firewall exists to prevent malicious software from accessing your computer or, if certain kinds of malicious software do make it to your computer, to prevent the software from using your computer as a home base to do damage to your house network and as a satellite base to infect other computers world-wide.
Windows comes with a firewall. Your DSL or cable modem comes with a firewall. Your router comes with a firewall. Rule of thumb: typically, you only need one firewall. If you have more than one firewall on your network, then your network or computer can behave in mysterious ways, which usually looks a lot like your DSL connection is broken (because the firewall doesn’t allow access to the network).
To cut to the chase: If you have only desktops and no one ever attaches a laptop that travels outside your network to your network, you only need to have the firewall in your DSL. If you happen to use a router, then the router has the firewall and your DSL modem is set on pass through. That’s still one firewall.
I’ve found that, once your network is running completely smoothly, the Windows Firewall can be turned on and it will not interfere with network operation. It can be left on. However, on some occasions where things don’t work right, one of the first things I do is turn off the Windows firewall to see if that’s the problem.
If you have a laptop and that laptop ever connects to some other network, or if you have visitors who bring their laptop and attach to your network, then you need to protect your network by having a firewall on every computer in your house. This is because that notebook might be infected with a malicious program. By connecting to your network, they can bypass your router or modem firewall.
IF you have one or more programs for spyware on every computer, and that spyware works all the time to check network transactions and computers for spyware signatures, and you run the spyware to check your entire computer periodically (every week or two)…
AND
you have a virus program that is always running and that you run to check your entire computer periodically (every week or two)…
THEN
turning on your Windows Firewall on every computer should give your network protection against the notebook scenario. Be aware that the Windows Firewall through the Vista version only checks incoming communications for problems; it doesn’t check outgoing communications. So, if your computer ever becomes infected with one of the spyware varieties that sends message OUT, Windows Firewall will not catch the problem.
If you have a kids or grandkids using your computers and bringing their computers in to connect to your network, then it makes sense to install a better firewall program on each of your computers. The firewall I install is the top-rated free one: COMODO. The download comes with both a firewall and a virus program. I don’t install the virus program because there’s a better rated one available (AVAST).
I’ll have some words about COMODO in a subsequent blog entry.
PS: If guests want to connect to your network, before you allow them to connect:
Ask them to run both a complete spyware and a complete virus check on their computer.
Make sure their firewall is on before you allow them to connect. This will protect both their computer and your network from infection.
Remember, as an option you can always use the built in “GUEST” user on your own computer, so they don’t need their computer. Of course, they may have a zillion songs on theirs, or documents they need, but sometimes they may just want to get to their email, which they can do through the on line web email function of their internet provider.
Questions?
No comments:
Post a Comment