Desktop Firewalls (In Plainspeak)

This article explains what firewalls are, how to get one, how they work, and how to configure one.

A desktop firewall is software that monitors and controls communication to and from your computer. Firewalls are generally used to stop someone from trying to gain access to your computer remotely.

Firewalls look at where network traffic is coming from (denoted by the IP address) and which programs are trying to use it (denoted by a port). With this information (and perhaps a little supplied by you), a firewall can block unwanted intruders and help keep your computer stable and secure.

Firewalls in 4 Terms:

No matter how simple or complicated a firewall is, reading its technical jargon will revolve around understanding these four terms related to network traffic:

  • client - the party asking for something
  • server - the party giving something back
  • IP address - like a street address for computers
  • port - like a postal box number for computers

Read the full document, of course, for additional explanation.

Getting A Firewall

There are a number of high-quality free firewalls for whatever OS you use. For Windows 7, we recommend using Windows Firewall (see "Enabling Windows Firewall"); for the Macintosh, the recommended document (Document 16125) is unavailable at this time; Unix/Linux systems also have a variety of built-in firewalls.

Most firewalls will have a built-in configuration that takes care of most of your needs. However, depending on your environment, you may want to customize the firewall's rules. For an introduction to understanding those rules, or to just gain a better understanding of how firewalls work, read on.

What Is A Firewall?

A firewall is a device that filters network traffic based on some pre-defined logic. This definition is necessarily ambiguous; firewalls may be anything from a software application, to a tiny dedicated USB device, to a full-blown server. Accordingly, firewalls are defined by the function they fill - not the form they take.

In this document, we are focused on software firewalls for normal desktop or laptop computers. Software-based firewalls such as these integrate themselves into the operating system, placing themselves between the computer's network card and the applications that might access it.

How A Firewall Works

When a computer talks to other computers, it needs to have a language that both systems understand (much like we need shared languages to communicate with each other). In computer terms, the language being used is called a protocol. The most commonly used networking protocol is called Transmission Control Protocol/Internet Protocol (TCP/IP), which is the language of the Internet.

In many ways, traffic on the Internet gets routed like our postal system. Each computer on the Internet has an IP address (much like a street address) that includes information on how to route traffic to that computer. In addition, once traffic has arrived at a computer, another TCP/IP convention, ports, tells the operating system what application the traffic is destined for. IP addresses and ports are the basis of how firewalls decide what traffic to allow and what traffic to block.

Firewall Configuration

In general, during network communication, computers play one of two roles: client or server. A client program requests information like, for example, this web page; a server is a program that sits around waiting for someone to ask it to serve information. They are two sides of the same coin.

A personal computer shouldn't ever need to act as a server, but it still maintains those capabilities. A good, simple firewall configuration enforces these roles by blocking unsolicited incoming traffic looking for a server, while allowing the computer to act as a client.
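
To make the "client yes, server no" rule concrete, here is a small Python model of it, added as an illustration and not taken from any real firewall product. It allows outgoing requests, remembers them, and lets incoming traffic through only when it is a reply to one of them. The class names, IP addresses and ports are constructed for the example, and a real firewall also tracks the protocol and forgets old conversations after a timeout.

```python
# Added illustration: a toy model of the "client yes, server no" policy.
# All names, addresses and ports below are constructed for the example.
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


@dataclass
class DesktopFirewall:
    my_ip: str
    # Conversations this computer started: (local port, remote IP, remote port)
    started: set = field(default_factory=set)

    def check(self, pkt: Packet) -> str:
        if pkt.src_ip == self.my_ip:
            # Outgoing: we are the client. Remember who we asked.
            self.started.add((pkt.src_port, pkt.dst_ip, pkt.dst_port))
            return "allow"
        if pkt.dst_ip != self.my_ip:
            return "block"  # not addressed to this computer
        # Incoming: allow only a reply to a conversation we started.
        if (pkt.dst_port, pkt.src_ip, pkt.src_port) in self.started:
            return "allow"
        return "block"  # unsolicited: someone is looking for a server here


def demo():
    me = "192.0.2.10"          # constructed address of the desktop
    web = "198.51.100.7"       # constructed web server address
    stranger = "203.0.113.99"  # constructed unknown host
    fw = DesktopFirewall(my_ip=me)
    return [
        fw.check(Packet(me, 50000, web, 443)),       # we ask the web server
        fw.check(Packet(web, 443, me, 50000)),       # the web server replies
        fw.check(Packet(stranger, 445, me, 445)),    # unprompted knock on 445
        fw.check(Packet(stranger, 443, me, 50000)),  # right port, wrong sender
    ]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The last case shows why the firewall matches on the IP address and both ports together: an open conversation with one server does not let a different host in on the same port.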

For information on setting up a firewall for your computer, stop by our desktop firewall page.

