Personal firewall
A personal firewall is an application which controls network traffic to and from a computer, permitting or denying communications based on a security policy. Typically it works as an application layer firewall.

A personal firewall differs from a conventional firewall in terms of scale. A personal firewall will usually protect only the computer on which it is installed. Many personal firewalls are able to control network traffic by prompting the user each time a connection is attempted and adapting security policy accordingly. Personal firewalls may also provide some level of intrusion detection, allowing the software to terminate or block connectivity where it suspects an intrusion is being attempted.

Features

Common personal firewall features:
  • Protect the user from unwanted incoming connection attempts
  • Alert the user about outgoing connection attempts
  • Allow the user to control which programs can and cannot access the local network and/or Internet
  • Hide the computer from port scans by not responding to unsolicited network traffic
  • Monitor applications that are listening for incoming connections
  • Monitor and regulate all incoming and outgoing Internet users
  • Prevent unwanted network traffic from locally installed applications
  • Provide the user with information about an application that makes a connection attempt
  • Provide information about the destination server with which an application is attempting to communicate
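
The prompt-and-remember behaviour described above can be modelled in a few lines. This is an added example, not code from any firewall product: the class, the `ask_user` callback, the program paths and the connection attempts are all constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, Tuple

ALLOW, DENY = "allow", "deny"

@dataclass(frozen=True)
class Attempt:
    program: str    # local program making or receiving the connection
    direction: str  # "in" or "out"
    remote: str     # remote host:port (documentation addresses below)

@dataclass
class PersonalFirewall:
    # ask_user stands in for the prompt dialog: returns (verdict, remember).
    ask_user: Callable[[Attempt], Tuple[str, bool]]
    rules: Dict[Tuple[str, str], str] = field(default_factory=dict)
    prompts: int = 0

    def decide(self, a: Attempt) -> str:
        key = (a.program, a.direction)
        if key in self.rules:          # policy already covers this program
            return self.rules[key]
        if a.direction == "in":        # unsolicited inbound: drop, no prompt
            return DENY
        self.prompts += 1              # unknown outbound: alert the user
        verdict, remember = self.ask_user(a)
        if remember:                   # adapt the policy for next time
            self.rules[key] = verdict
        return verdict

def run_demo():
    # Constructed answers standing in for the user's clicks.
    answers = {"/usr/bin/browser": (ALLOW, True),
               "/tmp/updater.bin": (DENY, True),
               "/usr/bin/mailer": (ALLOW, False)}  # "allow once"
    fw = PersonalFirewall(ask_user=lambda a: answers[a.program])
    attempts = [  # constructed sample traffic
        Attempt("/usr/bin/browser", "out", "203.0.113.10:443"),
        Attempt("/usr/bin/browser", "out", "203.0.113.11:443"),
        Attempt("/tmp/updater.bin", "out", "198.51.100.7:8080"),
        Attempt("/tmp/updater.bin", "out", "198.51.100.7:8080"),
        Attempt("/usr/bin/mailer", "out", "192.0.2.25:587"),
        Attempt("/usr/bin/mailer", "out", "192.0.2.25:587"),
        Attempt("/usr/bin/browser", "in", "198.51.100.99:51000"),
    ]
    return [fw.decide(a) for a in attempts], fw.prompts, fw.rules

if __name__ == "__main__":
    print(run_demo())
```

The prompt counter shows the cost of "allow once" answers: the mailer triggers an alert on every attempt, while the remembered rules for the other two programs are applied silently.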

Criticisms

  • If the system has been compromised by malware, spyware or similar software, these programs can also manipulate the firewall, because both are running on the same system. It may be possible to bypass or even completely shut down software firewalls in such a manner.
  • The alerts generated can possibly desensitize users to alerts by warning the user of actions that may not be malicious.
  • Software firewalls that interface with the operating system or with other firewalls or security software at the kernel mode level may potentially cause instability and/or introduce security flaws.

See also

  • Comparison of firewalls
  • Antivirus software
  • Computer network
  • Computer security
  • Firewall (networking)
  • Network security

External links

The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 