Explained: Do I need a Third Party Firewall?

Dennis Faas's picture

Continuing on with last week's article, David L. writes:

"Thanks for your help in identifying the culprit that was causing random Blue Screens of Death (BAD_POOL_CALLER) on both mine and my wife's system. Question: I have been using ZoneAlarm for many years and it has been good to me. If I decide to stick with the Windows Firewall per your recommendation - what happens if hackers find an exploit in the Windows Firewall that allows them into my system? Yes, ZoneAlarm has caused my Blue Screens of Death (BSOD) and it costs money upfront (versus the Windows Firewall which is free) - but why do you suggest using the Windows Firewall over ZoneAlarm?"

My response:

Aside from causing your systems to crash (for reasons explained here), I see no point in using or paying for a third party firewall because the Windows Firewall works just fine.

Before I explain why I feel that way, let's take a trip down memory lane to see how the market for third party firewalls developed in the first place.

How and Why Third Party Firewalls and Antivirus Exist

When Windows XP was introduced way back in 2001, it was plagued with many security problems: there was no antivirus, no firewall, and no mechanism to deny programs administrative access and stop them from taking over (and infecting) the entire system. In other words, every program downloaded from the Internet ran with full administrative rights - which meant that the entire system was at risk.

This was a huge problem, and many software developers responded by introducing their own security packages, including firewalls. Because security was so lax with Windows XP, many of these firewall applications included extra security "addons" that weren't at all related to firewalling. At this time, ZoneAlarm was by far the best firewall program on the market.

Windows Security Dramatically Improves

In 2004, Microsoft released Windows XP Service Pack 2, which finally included the Windows Firewall. This helped block malicious programs from getting into the system and also from communicating with the outside world. In 2006, Windows Vista brought UAC (User Account Control), which permitted the user to allow or deny program installations and so helped block malicious programs from installing with administrative rights. In 2009, Microsoft introduced Security Essentials, which included free antivirus.

Flash forward to 2012 with Windows 8 (and Windows 10, released in 2015): Microsoft now includes a free firewall, antivirus and UAC - plus many, many other security improvements - by default.

So as you can see: if you are running a modern operating system such as Windows 7, 8 or 10, you likely have plenty of protection as it is. As such, there really isn't any need to pay for "extra protection" - which simply adds processing overhead and slows your computer down to a crawl.

The Purpose of a Firewall: in General

As for the firewall in general, let's discuss that:

The purpose of a firewall is to block or allow communication ports on the LAN (local area network) or WAN (wide area network - known as the Internet). That is it - nothing else, nothing more. By default, the majority of communication ports on the firewall are turned off, unless a particular Windows service requires it to be open, or you change it. Even so, to change a Windows Firewall setting, you require administrative authorization.

With that aside, most programs that infect your system would likely use port 80 or 443 to communicate with the outside world - that's because those ports are always open by default for web browsers, as they are reserved for HTTP and HTTPS respectively. Without those ports being open, you would not be able to browse the Internet. So: thinking that you are going to have "extra" protection by using a third party firewall program to lock down "more" (or the same) ports - when they are normally blocked anyway - just doesn't make any sense to me. Why pay when you don't need to? Windows Firewall works just fine.
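The default-closed behaviour described above can be checked directly on Windows 8 or later. The following PowerShell is an added example, not part of the original article; it uses the built-in NetSecurity cmdlets, only reads settings, and changes nothing.

```powershell
# Added example: read-only audit of the built-in Windows Firewall.
# Uses the NetSecurity module (Windows 8 / Server 2012 and later).

# 1. Effective per-profile state: is the firewall on, and what happens to
#    traffic that matches no rule? ActiveStore is the policy actually in force.
Get-NetFirewallProfile -PolicyStore ActiveStore |
    Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction |
    Format-Table -AutoSize

# 2. Every enabled inbound "allow" rule in the local rule store, joined with
#    the port and program it applies to. These are the ports that are open.
$openInbound = Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow |
    ForEach-Object {
        $port = $_ | Get-NetFirewallPortFilter
        $app  = $_ | Get-NetFirewallApplicationFilter
        [pscustomobject]@{
            Rule      = $_.DisplayName
            Profile   = $_.Profile
            Protocol  = $port.Protocol
            LocalPort = ($port.LocalPort -join ',')
            Program   = $app.Program
        }
    }

$openInbound |
    Sort-Object Protocol, LocalPort |
    Format-Table -AutoSize -Wrap

# 3. Rules worth a second look: inbound allow rules that are not tied to
#    a specific port or a specific program.
$openInbound |
    Where-Object { $_.LocalPort -eq 'Any' -and $_.Program -eq 'Any' } |
    Format-Table Rule, Profile, Protocol -AutoSize
```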

As for your other question: I have not seen or heard of any Windows Firewall exploits to date in the last 13 years - perhaps because it is a very basic service and does not require much updating. The fact is: most security issues are related to the Windows GUI (graphical user interface). Even so, if there were a Windows Firewall exploit, ZoneAlarm could just as easily suffer the same fate.

I hope that helps.


Comments

fourwheelsonly_5516's picture

If Windows 10 has anti-virus and a good firewall, why did my new computer come out of the box loaded with the McAfee anti-virus program? This prompted me into thinking perhaps Windows 10 security was lacking. Considering this post, would it be safe to delete all third party security software from my computer, providing I keep up to speed with Microsoft updates?

shotokan101_8852's picture

I personally wouldn't - Windows Defender hasn't a great reputation compared to some third party suites and McAfee is in my experience quite good, and the firewall will be two-way compared to Windows Firewall, which only blocks incoming.

Dennis Faas's picture

McAfee - in my opinion - is one of the absolute worst antivirus suites available because it is a MASSIVE resource hog, right next to Norton. The reason you have McAfee pre-installed is because it was bundled with your computer. As someone already mentioned, they probably paid to have it done because they usually have a trial of some kind and then coax you into paying for a subscription.

rwells78's picture

Because McAfee paid MS to preinstall it.

shotokan101_8852's picture

Hi - are you discounting the fact that the Windows Firewall is still only One-Way Blocking?

Jim

Dennis Faas's picture

Yes, the Windows Firewall is a one-way firewall. Unless you need to "be informed" (or are otherwise paranoid) of every computer process communicating with the outside world every second of the day, a one-way firewall is more than sufficient.

Two way firewalls are overkill - especially for the majority of home computer users that simply don't know any better. For example, habitually "Denying" a process will likely break program functionality because most programs these days rely on some sort of Internet connection / cloud environment.

Windows Server - which controls networks of a few PCs to a few thousand PCs in a corporate environment - uses a very similar one-way Windows Firewall as standard Windows PCs. Also, Linux systems use "iptables," which is also a one-way firewall. Both these systems are considered to be the most secure systems on the planet - so that should tell you something about the usefulness of two-way firewalls.

From an administrative perspective, one-way firewalls make much more sense and are far easier to manage; if you need to block certain IP addresses they can be rerouted to 'localhost' using the Windows hosts file. Also, one-way firewalls simply won't respond to suspicious packet requests if the port is already closed.

kenmckinney_5452's picture

Dennis,

If my wireless router's firewall is enabled, do I still need Windows Firewall or a 3rd party firewall?

Ken

Dennis Faas's picture

A router firewall will block most outside communication from getting through your network using network address translation (NAT), but you still need a software firewall to fine-tune programs and to set policies running on your computer. This cannot be done with the router alone, hence you need a software firewall.

ddnaik4's picture

I agree with you: I don't like McAfee or Norton, and Windows is not suitable. Which one would you recommend?

Dennis Faas's picture

This is off topic and will be the last answer I give that is off topic - however, I use the Windows Firewall with Avast! free antivirus with minimal protection. The Avast! free antivirus provides real-time file scanning, plus I have "silent gaming" mode turned on and sounds disabled. This keeps Avast! out of your face unless it's necessary. Real-time scanning is the only thing you need - any time a malicious program is read from the disk, it will be scanned and you will be alerted. Any other "extra protection" is CPU overhead that will slow your PC down to a crawl.

Valachi's picture

I agree with Dennis.

Although I use Linux for most of my computing requirements, I still use Windows 8 and 10 on 2 other laptop units, just to keep up to date with Microsoft's goings-on in order to assist others that encounter issues and require my services to get them out of a bind from time to time.

Like Dennis, who mentions using Avast, I use the "free" version of Bitdefender and it has served me well. Works silently in the background on a minimal basis and notifies me when or if there appears to be a threat.

Once or twice a year, I may encounter an online "threat" and will then run ADWCleaner or Malwarebytes just to run a scan and clean out any nasty undesirable threats that may have found their way into my system from a regular online surfing session before they get out of hand and become buried deep into your system.

The one other important feature that I would like to point out to anyone surfing the net, is to enable a feature such as AdGuard or AdBlocker on your browser as this will reduce the majority of suspicious pop-ups that most people encounter while simply checking sites through their browser of choice. This includes safely being able to visit sites such as PutLocker should you be interested in viewing tv shows and movies.

Great info Dennis! Keep up the great service that you provide to us.