A personal firewall is a firewall-like software application which runs on a users PC.

Traditional software-based firewalls run as the only application on stand-alone computers which have been hardened to protect against hackers. Personal firewalls run on PC’s along with all of the other applications required by the PC user.

Traditional firewalls protect entire networks. Personal firewalls are normally designed to protect only the PC upon which they are installed.

Because they run on the same computer as the other applications, personal firewalls have more information available to them than traditional network firewalls. The traditional network firewall knows whether the traffic is TCP, UDP, or ICMP. It knows what port number the traffic uses. It may know something about the protocol being utilized. It also knows the source and destination of the traffic. A personal firewall knows all of this, but also knows what software application is sending or receiving the traffic.

Most personal firewalls pop-up windows to notify the user about unknown network traffic. The user is then given the choice to allow or deny the traffic.

Personal Firewall Limitations

Because they run on the same computer as other applications, personal firewalls are vulnerable to being infected, modified, or disabled by any computer viruses, trojan horses, or network worms which are present in other applications on the PC.

Popular Personal Firewalls

Windows XP ships with a basic personal firewall already integrated into the Operating System.

More comprehensive personal firewalls are available from many vendors, including: Agnitum, Deerfield, ISS, Kerio, McAfee, Normal, Sygate, Symantec, Tiny Software, and Zone Labs.

Free Personal Firewalls

Many free personal firewalls are feature-limited versions of commercial personal firewalls. The manufacturers hope that you will try their software and be willing to pay for the more advanced features in their paid products.

Free personal firewalls are sometimes only free for home users. Many free personal firewall licenses restrict their use for business purposes.

R-Firewall

R-Firewall is a free program comparable with commercial firewalls.

R-Firewall is an effective and easy-to-use solution to secure your on-line activity. It protects a computer connected to a local network and/or to the Internet against any intrusions, attacks, trojan horses, spyware, and other external and internal threats. R-Firewall also filters out inappropriate Internet pages content and blocks dangerous active components you may get while browsing over the Internet or receiving e-mail massages.

Automatic configuration during setup allows you securely surf the Internet right after the software installation. Mobile users can create multiple and easily switchable configurations for specific network environments (Internet surfing at home, office local networks, or public Wi-Fi spots).

  • Network security features
    • Monitors network activity at the application and system component levels
    • Detects and blocks direct network intrusions
    • Detects and blocks network connections that malicious programs try to establish from within and outside the protected computer
    • Detects and blocks numerous types of attacks
    • Detects and blocks various dangerous active content on the Internet, such as JavaScript objects, ActiveX components, etc
    • Checks e-mail attachments for dangerous content, such as executable programs, JavaScript objects, ActiveX components, etc
    • Converts the protected computer into a “stealth” machine running invisibly to outside intruders
    • Provides detailed log information
  • Content control features
    • Detects and blocks unwanted information on the Internet, such as commercial banners, pop-up windows, and cookies
    • Blocks access to undesirable or inappropriate Web pages, specified either directly by their URLs, or by keywords
  • Easy-to-use features
    • Automatic configuration during setup. Your computer is ready for surfing the Internet right after the installation
    • Presets for most Internet applications. No need to manually set ports, protocols, or other technical staff for each installed program
    • Multiple and easily switchable configurations that you can create for a specific network environment (for your home, for your office local network, or for a public Wi-Fi spot)
    • Two types of interfaces: Simple for inexperienced users and Advanced for fine-tuning
    • An indefinite number of rules for each application
    • Low resource requirements

SoftPerfect Personal Firewall

SoftPerfect Personal Firewall is a free network firewall designed to protect your PC against attacks from the Internet or via a local area network. SoftPerfect Personal Firewall offers customizable security using user-defined rules for packet filtering. It works at a low level and also allows you to create rules based on non-IP protocols such as ARP.

SoftPerfect Personal Firewall supports multiple network adapter configurations. This allows you to apply a rule, for example, for just a modem connection or you could apply separate rules for each system interface. With a flexible filtering system, trusted MAC address checking feature and separate network adapter configuration you can even use it on a router or a server.

SoftPerfect Personal Firewall has a learning mode, which prompts you for required actions when it detects an unknown packet. This helps you to create customized rules quickly. The program is easy to use, comes with a set of predefined rules and it is completely free. Additional features include password protection, logging and more.

  • Powerful traffic filtering system using user-defined processing rules.
  • Supports configuration for multiple network adapters.
  • Learning mode and comes with a set of predefined rules.
  • Filters IP and non-IP traffic.
  • Easy to install. It does not change your Windows system files and does not require any additional libraries (dlls).

CheckPoint Zone Labs ZoneAlarm

CheckPoint Zone Labs makes a limited version of ZoneAlarm available as a free download for non-business use.

Kerio Personal Firewall

Kerio Personal Firewall represents smart, easy-to-use personal security technology that fully protects personal computers against hackers and internal misuse.

The Kerio Personal Firewall is free for home and personal use.

the limited free edition of Kerio Personal Firewall does not provide the content filtering capabilities such as blocking pop-up windows, ads, VB scripts, cookies, and other features which are available in their full product.

Agitnum Outpost Free Firewall

The free version of the Agnitum Outpost Firewall offers basic protection for casual web surfers and low budget systems.

  • Basic Firewall Protection
    • Standard packet and application filtering safeguard your computer from unwanted communications.
  • Connections Monitoring
    • Lets you see network activity in real time, to help define inappropriate connections and close them right away.
  • Surfing Protection
    • Maintains your privacy on the Internet, keeps browser protected from Internet dangers.

Jetco Personal Firewall

Jetico Personal Firewall offers detailed, configurable event logs, reports, plus the option to view and edit the firewall configuration. The modular architecture is as open as possible to assist with easier evaluation of the security.

The Jetico Personal Firewall enables you to:

  • Protect your computer against hackers and malicious software when networked or connected to the internet.
  • Choose a pre-defined Security Policy.
  • Edit an existing Security Policy (i.e. the firewall rule set configuration).
  • Create your own Security Policy.
  • Monitor running applications that access the network.
  • Monitor selected/all network packets as well as selected network events.

Three-layer protection:

  • Low-level. (Network packet filter). This checks the validity of network packets and parameters such as source & destination addresses, protocol, etc. Using this process, Jetico Personal Firewall can make your computer invisible to a non-trusted network. By selecting the Optimal Protection Policy, your computer becomes “stealthy”. Any security probing tests (for example, ShieldsUp! tests) by Internet hackers will report that your computer does not exist.
  • Application-level. (Network events filter). This checks and enables you to monitor network/internet connection requests made by applications. If you are not sure why an application wishes to send or receive data from the Internet you can limit or block the activity.
  • User-level. (Process activity filter). This notifies you of and prevents dirty tricks by Trojas and other malicious programs. (A Trojan can inject its own code into programs on your computer and send data about you to a third party. e.g. a Trojan in Internet Explorer could transmit details of your browsing preferences.)