Lab

Software Labs: Personal firewalls

Sometimes it seems as if everyone wants to use your PC. Viruses try to wreak havoc with your data files and may even blackmail you for money; hackers are constantly searching for PCs to add to their enormous armies of remote-controlled systems; and spyware companies want you to see pop-up adverts and buy shoddy security software.

You don't have to visit pornography sites, download pirated software or open suspicious email attachments to become a victim. If you don't install security software, you'll fall foul of these threats and your PC will be under someone else's control. Personal firewalls provide a barrier to the baddies and you shouldn't even contemplate connecting to the internet without one.

The job of a personal firewall is to control the network traffic that enters and leaves the PC it is installed on. At its most basic it should turn away incoming connections from the internet. In most situations nobody on the internet has any business connecting to your computer, so the firewall should block any attempts to do so. The firewall built into Windows XP does this job perfectly well.

There are a few situations in which you want to allow incoming connections, such as when using some internet messaging programs or playing certain online games. Your personal firewall should be flexible enough to allow these programs to work, but should give you a chance to block them just in case. Again, Windows' firewall is equipped to do this.

Why not Windows?

So if the free firewall that's built into Windows XP works well, blocking hackers' attempts to connect to your PC, why spend money and time buying and installing a third-party firewall? One argument is that, if you have an excellent anti-virus program, you can make do with the Windows firewall. Another is that you shouldn't rely on just one security measure. Defence in depth, with multiple obstacles for hackers and viruses, is a more secure way of protecting your computer than relying on a single product.

A hacker can load a Trojan on to your PC in many ways. There have been cases where an attacker has hacked a respectable website and altered download files, adding code to turn a regular program into a tool that calls the hacker over the internet and allows him to control the PC it's running on. When users download and install this program, the hacker can control their computers.

The Windows firewall can't protect against this type of attack because the connection is made from the PC to the attacker, not from the attacker to the PC. The Windows firewall checks only incoming connections, not outgoing ones. If your anti-virus program doesn't detect the Trojan, your PC is no longer your own.

Every one of the personal firewalls reviewed in this test can help prevent this situation. Not only can they monitor and block incoming connections, they also keep an eye on the applications loaded on the PC. If a program such as Internet Explorer tries to connect to the internet, the firewall allows it to do so, but only after asking if you approve. If a virus or hacker alters the program, the firewall detects that it has changed and blocks it. It should also alert you to the security breach. This is called application control.

Suite dreams

Many of the firewalls here are also available as part of a bundle with anti-virus software. These security suites are usually better value than individual programs. Some companies provide firewalls only as part of a suite, so we've tested a few of these as well, including Trend Micro's PC-cillin Internet Security 14, F-Secure's Internet Security 2006 and Kaspersky's Internet Security 6.0.

We have also tested the free version of ZoneAlarm, a favourite among reviewers for years. Zone Labs now produces a wide range of commercial products, so we'll find out if the free version is still worth using.