Do I Need an OUTbound Firewall?

Category: Security

I think I understand why I need a firewall to protect my computer from inbound threats. But a friend is telling me that I need another type of firewall software, which blocks outbound traffic as well. If I have anti-virus software, do I really need this outbound firewall?

What Kind of Firewall Do I Need?

Most people think of firewalls as barriers between their computers and bad things “out there” on the Internet. Inbound firewall protection blocks attempts by external entities (hackers or malware) to connect to your computer. See my related article Do I Really Need a Firewall? for my advice on INBOUND firewall protection. (Yes, you do need it.)

But the Internet is a two-way highway. Outbound firewall protection is just the opposite of inbound. It blocks attempts by software that resides on your computer to access the Internet. So if your computer is infected with a keylogger, an outbound firewall should prevent the keylogger from transmitting your passwords and other sensitive information to its evil masters. If another type of malware is using your computer to send spam to millions of innocent parties, an outbound firewall should prevent that as well, in theory.
Outbound Firewall

In practice, outbound firewalls provide little useful protection, consume computer resources, interfere with legitimate programs, and are generally more trouble than they are worth. They can also give you a false sense of security.

By default, the firewall in Windows 7, 8 and 10 provides only inbound protection. You can enable outbound protection as well, but then no program on your machine will be allowed to connect to the Internet! That means no browsing, no Windows Update, no email, no other updater programs, etc. You have to manually configure permission for every single program or process that you want to have access to the Internet. I don’t know about you, but that doesn’t sound like my idea of fun.

Other Reasons to Stick With Inbound Firewall Protection

Outbound firewalls spew many false positives. That is, they warn you about programs that really are not a problem. After seeing many false positives and ignoring them, it’s all too easy to ignore a legitimate warning of malware.

There are legitimate reasons why some software on your computer mayneed to make an outbound connection. Some programs poll a remote server to see if there are any fixes or updates available. Others send anonymous statistical data,or use collaborative feedback mechanisms. A weather or stock market widget on your desktop will need to pull in the latest data periodically. And then there are all the cloud-based apps that let you store and edit files online.

It can be very hard for the average user to figure out whether a given program should be allowed to access the Internet. Most outbound firewalls give only cryptic descriptions of what is trying to access the Net, so only the most technically savvy users can decide what to do about it. The chances are pretty good that you’ll block a program you do need, and later wonder why something isn’t working.

Outbound firewalls don’t do anything to prevent your computer from becoming infected, which is the most effective line of defense. If an outbound firewall warns you that malware is trying to access the Net, it’s already too late; your inbound defenses have been compromised somehow. See my article Free Anti-Virus Programs if you need to beef up your malware protection.

A router configured to use NAT (Network Address Translation) is my preferred alternative to software firewalls, inbound or outbound. Such a router effectively hides your computer from everyone “out there” so malware can’t even find it. It protects an entire network from a single point, instead of having to install firewall software on every device on the network. The router also does the heavy lifting, freeing resources on your local machine. The good news is that you probably already have a NAT router. See Do I Really Need a Firewall? for more information about routers and inbound firewall security.

Expert users may have resort to outbound firewalls occasionally. If you know every legitimate program that should be allowed access to the Net, an outbound firewall may alert you to hidden malware. But some malware is clever enough to disable your anti-virus or firewall protection, or fool the outbound firewall into letting it slip past.

The bottom line: Outbound firewall protection is of very marginal benefit and can be an enormous irritation. See my advice and links above concerning INBOUND firewalls and malware protection, and you’ll be better off.

Your thoughts on this topic are welcome! Post your comment or question below...

 
Ask Your Computer or Internet Question

  (Enter your question in the box above.)

It's Guaranteed to Make You Smarter...

AskBob Updates: Boost your Internet IQ & solve computer problems.
Get your FREE Subscription!


Email:

Check out other articles in this category:



Link to this article from your site or blog. Just copy and paste from this box:

This article was posted by on 15 May 2017


For Fun: Buy Bob a Snickers.

Prev Article:
Beware of This Clever New Scam

The Top Twenty
Next Article:
Are Ultrasonic Beacons Tracking You?

Most recent comments on "Do I Need an OUTbound Firewall?"

Posted by:

Val
15 May 2012

From an ideological standpoint, outgoing firewalls are a great idea. Preventing your personal data from leaving and "background" servers to communicate with the outside is indeed part of computer security. If the bad guy gets in and infects your computer, we should have a second wall that keeps it from getting out.

You lock your doors to keep unwanted guests out, AND you also have fences to keep your dogs from running the neighborhood. You keep yourself safe (best you can) AND you keep your neighbors safer by keeping your own 'villains' at home.

Now, for the reality, implementation is going to be the secret. Unfortunately, the problem is that the solution is specific to the user and most users do not have the know how to do it.


Posted by:

actionjksn
15 May 2012

I have the firewall from my router and my Windows firewall is also enabled. Does this improve my protection having two layers? I know it uses some extra resources but I have a pretty fast Core i5 processor and 8 gigs of ram so it is still pretty fast. But I would like to know if I am getting any extra protection from it. I just want to make sure I'm as hard to hack as possible without getting annoyed in the way you mentioned in your article.

EDITOR'S NOTE: I can see no benefit to running the Windows firewall if you are behind a NAT router.


Posted by:

Dalton Tamney
15 May 2012

I agree with you Bob. I had an outgoing firewall some years ago and it caused me nothing but grief. I was constantly barraged with warnings about perfectly legitimate programs trying to send something out and, because the warnings used "geekspeek" I rarely understood what the warning was about or even what program was involved. I was finally able to get rid of the nuisance and I have never regretted it.


Posted by:

TheRube
15 May 2012

Try COMODO'S Stand-Alone Firewall . . . You are Gonna Love IT!!!

TR


Posted by:

JJ
15 May 2012

I enjoy my outbound firewall. It is good to know what programs are calling home. A firewall that is not configurable (only on or off) is worthless.


Posted by:

Snert
16 May 2012

I have an 'outbound' firewall that I've had for awhile. When a program first wants to phone home the firewall asks me what to do, allow or deny with a check box "Remember This". If I checked the box the firewall won't ask again.
I don't consider this an incovience though others might. It's another layer of security in case something sneaks in and wants to ask for orders from it's evil masters (or send my plan for world domination to Molly's Irish Pub in New Orleans). This lets me know I've got a problem that needs immediate attention.


Posted by:

Rahul
16 May 2012

If the warning is geeky or cryptic, the solution is to make it easy to understand. If the program name is not clear, it is time to make it clear.

One shouldn't lower one's guard just because a geek somewhere was too lazy to say something clearly.


Posted by:

Sirzune
16 May 2012

I've been using ZoneAlarm free with Vipre and have been happy with it. Isn't ZA a very good in/outbound firewall? From the hype, you'd think so. Any thoughts?


Posted by:

Ignaczewski
16 May 2012

Windows Update works with Zone Alarm on Windows 7. Do you think that LeakTest, ShieldsUp, and NanoProbe (from Gibson Research Corporation) are misleading tests?


Posted by:

JMJ
16 May 2012

Hi Bob!
I do agree! I just spent days installing a program on a friend's PC: it uses Excel and CDO to automate and manage mailing to his clients.
The program run perfectly on every PC where I tested it, but NOT on my friend's machine...
It took me quite a long time to find it was Norton who silently blocked outgoing mails! I got rid of it, installed AVG and everything is OK now :-)


Posted by:

david
18 May 2012

i would agree with you bob, up to a certain point. for users who have no idea what the out bound firewall is telling them i believe you are right,but for anyone who is fairly computer literate and know how to figure out what the out bound firewall is telling them, i would highly recommend it. it is the easiest way to find out what is really running and starting with your computer if you know how to use it right.


Posted by:

Michael Brinton
05 Apr 2013

Have Kasperskys Internet Security,that has in @ out, firewall, with Malwarebytes anti Malware, that is run in flash scan,when compute is shut down,and once a week on full scan. Behind a NAT gateway. Have not, experienced a problem, all system work in harmony.

Intuit that one is wise to contain,evaluate,eliminate any element that is intent on disrupting a state of well being,within
the global community.


Post your Comments, Questions or Suggestions

*     *     (* = Required field)

    (Your email address will not be published)
(you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! And please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are previewed, and may be edited before posting.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.

Free Tech Support -- Ask Bob Rankin
RSS   Add to My Yahoo!   Feedburner Feed
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Privacy Policy -- See my profile on Google.
[an error occurred while processing this directive]


Article information: AskBobRankin -- Do I Need an OUTbound Firewall? (Posted: 15 May 2017)
Source: http://askbobrankin.com/do_i_need_an_outbound_firewall.html
Copyright © 2005 - Bob Rankin - All Rights Reserved