Personal Firewall Protection

explained simply

Which firewalls are good?

Warning: there are a LOT of firewalls available. There are also a lot of free firewalls. Many of them are NOT WORTH USING.

My short list of quality firewall tools below is very short.

You will see why as you read this page.

Do you need a Firewall?

If you have an internet connection you DO need a firewall. For one thing, you need something to stop intruders.

What Intruders?

Some people (i.e. hackers) scan the internet looking for computers that will accept their incoming communication. If your PC accepts their message they will try to USE your computer. They might want to read your files, install a trojan program, virus or spyware, or make your machine one of their 'zombies'. (Zombies are normally used to attack and cripple another computer or, more likely, a system of web servers, and usually a well known one, like Microsoft's or Google's.)

Are personal firewalls any real use?

Not everyone agrees about the value of personal firewalls.

Some people believe that personal firewalls provide few real benefits.

In particular, they argue that if you have a NAT enabled router, and you understand how networking really functions, you can probably protect your system without spending money on a personal software firewall.

I don't want to tell people to spend money on software they don't really need, so I discuss this point of view here: When do you need a firewall?

More about the need for firewalls.

Click the links below for more detailed discussion about whether and why we need a personal firewall.

Including:

• Firewalls and how we connect to the internet: E.g. dial-up, router-modem etc.
• NAT routers: NAT routers provide some firewall protection from intruders.
• The Windows firewall: new Windows systems (XP, Vista) already have a firewall. How much protection does it provide?

• Reminder: The basic requirements to staying secure online:
• Making your browser more secure (or maybe using a different browser).
• Using anti-spyware tools. (A few. Some good ones are free.)
• Using antivirus tools. (One good one that runs all the time.)
• Using a firewall. (Just one.)
• Using email safely.

One more important point about firewalls.

Software Compatibility.

A good software firewall needs to be more than just a basic data filter.

Some of the free firewalls are only this: a filter.
More sophisticated firewalls intend to provide much more security than that.

Vendors offering fully-fledged firewalls and security tools (like Kaspersky, Panda, BitDefender and ZoneAlarm below) find themselves creating a tool that you could think of as half a security suite.

Remember, you can only run one firewall, and one anti-virus tool at the same time.

But this can create compatibility problems. If your firewall is also half an anti-virus tool and busy protecting your system registry as well, you might not be able to operate a separate, dedicated anti-virus tool at the same time.

Combined tools and security suites.

This is one of the reasons for the development of combined security tools and security suites. People do need an anti-virus tool and a firewall. And people also want protection from spyware, fraud and other online crime.

So the advantage of a security suite is that all these functions are brought together harmoniously.

Among the vendors that are security specialists the trend is to NOT offer a stand-alone firewall at all. Instead, firewalls are combined with anti-virus tools or integrated in a security suite.

For example Kaspersky formerly offered a stand-alone firewall, 'AntiHacker'. But now the firewall is integrated into the Kaspersky Internet Security Suite.

Likewise, BitDefender do not offer a stand-alone firewall. Firewall protection is integrated into both the enhanced anti-virus tool, BitDefender Antivirus Plus and also in BitDefender Internet Security - AKA 'Total Security'.

Also, Panda have a firewall, but only in conjunction with their antivirus tool, Panda Antivirus + Firewall, or with their complete security suite.

Firewall Software

Here are some personal firewalls.

For the reasons given just above, combined tools and security suites are included here that are not stand-alone firewalls.
Using these more 'full-service' tools can be the best way to make sure you have compatible tools and a quality firewall.

Why these particular firewalls?

You are probably aware that there are dozens of personal firewalls available. But only a few are recommended on this page. Where are all the others?

There are other software firewalls that are very good. We expect to add more to the list below. But the list will probably remain quite short. Click here to see why this short list of firewalls is so short.

We will start with products that include some form of advanced or 'next generation' heuristics.

What on earth is advanced heuristics?

It is something well worth having in a firewall or anti-virus tool. See a brief description here.

BitDefender Antivirus Plus

BitDefender offer their excellent antivirus tool with a firewall included. BitDefender Antivirus Plus – which provides the main capabilities you would want from a security suite.

BitDefender's security products use advanced heuristics – Bitdefender's unique 'B-HAVE' system. This system means that BitDefender does not need to know the names of the latest virus or trojan pests but will detect them based on how they behave.

• BitDefender Antivirus Plus includes:
• BitDefender Antivirus:
  
• An application firewall:
  An 'application' firewall means that programs on your computer cannot use the internet without your permission.
• Email security: A module to help you control spam and protect against phishing.

Description

This is a very high quality advanced heuristics system.

For example, in 2006 BitDefender was one of the few security companies to detect the very nasty virus 'Polip.A'.

(You can read about that here: BitDefender detects Polip.A.)

This virus was clever, encrypted and good at hiding. Also, it would try to delete files related to anti-virus protection.

A full description is on our BitDefender page – BitDefender Antivirus Plus.

BitDefender Antivirus Plus has a lot of features and is most of the way to being a full internet security suite. However if you want to save time and installations, BitDefender Internet Security adds more online security features such as anti-spyware, parental controls and security features aimed at email and Instant Messaging users.

A full description is on our BitDefender page – BitDefender Internet Security.

Or visit the BitDefender web site to find out more.

Panda Antivirus
+ Firewall

Panda Antivirus + Firewall

Panda's combined anti-virus and firewall tool also extends to protect against spyware and fraud.

Panda also have their version of advanced heuristics, "TruPrevent".

Panda's TruPrevent system is specially designed to combat virus and trojan threats that intend to spread very quickly. That is, they try to spread before the anti-virus and security tools find out about them and update their lists of known threats.

Security software is usually updated at least daily, but a virus can become widespread in just a few hours.
So Panda adds this extra layer of protection that monitors activity on your computer and blocks any activity that is suspicious.

More information and download links are on our Panda page.

Panda security tools are available in both English and Spanish.

Three for the price of one.

Panda is a good choice if you have more than one computer to protect, because your license is for up to three computers.

Panda Antivirus + Firewall is ready for Windows Vista (as well as older Windows systems).

More information and download links are on our Panda page.

Kaspersky Internet Security

Kaspersky Internet Security
Download a free trial from us here.

This is an entire online security suite, not a standalone firewall or small combination tool.

However it is well worth considering among firewall options because Kaspersky's firewall capability and security implementation is one of the very few that firewall testing specialists Matousec recommend.

Matousec say "...it is one of the best that are available today... we can recommend Kaspersky Internet Security to end users."

This is a strong recommendation because Matousec's business is to test and criticize firewalls: they do not hand out many recommendations.

Read about Matousec and other firewall testing here.

You can read the Matousec review of Kaspersky's security implementation here.

The firewall function of Kaspersky Internet Security provides:

• Protection from hackers
• Blocking network attacks. An intrusion detection system monitors any network activity that has the characteristics of a hacker attack.
  The program prevents hacker attacks by blocking connections from the hacker’s computer.
• Full control over network activity. The program controls all requests from applications to websites, in accordance with the program rules that have been set, and tracks all incoming and outgoing data packages.
• Safety on all networks. When a computer connects to a network, the program asks you to specify the type of network (a trusted network, Intranet or the Internet), so that the firewall can choose how strict the rules should be.
• Stealth mode This makes the computer invisible to outside users, effectively preventing all types of DoS (Denial of Service) attacks.

A full description of Kaspersky's complete internet security suite is on our Kaspersky page.

Or find out more on the Kaspersky Lab web site (UK) or...

Kaspersky Lab (USA)

ZoneAlarm Pro

ZoneAlarm Pro

We can't talk about firewalls without mentioning ZoneAlarm.

ZoneAlarm is probably the most well known name in personal firewall software. Posssibly because ZoneAlarm have made a free firewall available for many years.

Details about the free ZoneAlarm firewall are below.

But ZoneAlarm Pro provides much more than the free version.

• Basic Firewall Function (same as the free version)
• Advanced Network and Program Firewall
• Operating System Firewall (OSFirewall™)
• Anti-Spyware
• Antivirus Protection
• Identity Theft Protection
• Game Mode
• Spy Site Blocking
• Privacy Protection
• Email Security
• IM Protection
• Wireless PC Protection
  
  
  ZoneAlarm Pro is more than just a firewall.
  

  ZoneAlarm Pro has an anti-virus function and other features such as monitoring of games and privacy protection. So it extends well beyond a basic firewall.
  (For this reason you may not be able to have Zone Alarm Pro running along with another anti-virus program.) See our dicusssion about software compatibility above.

  Click here to get ZoneAlarm Pro English, 1 user 1 year.

  ZoneAlarm puts effort into being user-friendly. Zone Alarm gets a lot of good reviews for being friendly, easy and helpful. Although it is not exactly a security implementation matter, a firewall has to be easy for users to understand. No matter how robust and leak-proof it might be, it is only useful if users can understand how to work it.

  In this respect a big advantage of Zone Alarm is that it is available in various languages (listed below).
  

  Click on the links below for descriptions and ordering options for Zone Alarm in German, Spanish, French, Italian and Japanese.

  Or find out more at the ZoneAlarm web site.

  ---

  Deutsch
  
  

  ZoneAlarm Pro (Deutsch) - 1 PC 2 Jahre

  ZoneAlarm Pro (Deutsch) - Einzelbenutzer

  ZoneAlarm Pro (Deutsch) 5-Benutzer-Lizenz

  ---

  Español
  
  

  ZoneAlarm Pro (Español) - 1 PC 2 años

  ZoneAlarm Pro (Español) - 2 usuarios

  ---

  Français
  
  

  ZoneAlarm Pro (Français) - 1 User

  ZoneAlarm Pro (Français) - 2 User

  ---

  Italian
  
  

  ZoneAlarm Pro - 1 user (Italian)

  ZoneAlarm Pro - 2 user (Italian)

  ---

  Japanese
  
  

  ZoneAlarm Pro (Japanese) 1 PC 1 YR

  ZoneAlarm Pro (Japanese) 2 PC 1 YR