What is a firewall? and which type I should be using? are a couple of questions that get thrown at me from time to time. Firewalls hardware/software are your first line of defence against external harmful attacks whereas an effective Anti-Virus/Intrusion Detection solution is your second line. Hardware firewalls provide strong protection from most forms of attack coming from the outside world.

In a typical broadband router they employ a technique called packet filtering, which examines the header of a packet to determine its source and destination addresses. This information is compared to a set of predefined and/or user-created rules that determine whether the packet is to be allowed or dropped.

A more advanced technique called Stateful Packet Inspection (SPI), looks at additional characteristics such as a packet's actual origin (i.e. did it come from the Internet or from the local network) and whether incoming traffic is a response to existing outgoing connections, like a request for a Web page. Most hardware firewalls have a downfall in that they typically treat any kind of outgoing traffic as safe, which can sometimes be a problem.

You can only block the suspect port if your hardware firewall has blocking feature however, since there are over 65000 ports that can be used by programs running on your PC and if one of these programs happens to be a virus then the chance of blocking it is fairly slim and will hinder other genuine applications.

For incoming traffic, hardware firewalls generally let through all traffic using trusted ports such as port 25 used by email SMTP (Simple Mail Transfer Protocol) and that is where the software firewall can play its role more effectively. Software firewall will allow you to configure certain applications for example Microsoft Outlook to use port 25 and drop or block other applications pending user confirmation.

Also software firewall will alert you to repeated attempts whereas hardware firewall will not. Software firewall disadvantage is the requirement of multiple installation if you have more than one computer. It could get fairly expensive to manage as well. My advice is to use hardware firewall as bare minimum and compliment it with software firewall but should always have up to date anti-virus.