Do I Need an OUTbound Firewall?
I think I understand why I need a firewall to protect my computer from inbound threats. But a friend is telling me that I need another type of firewall software, which blocks outbound traffic as well. If I have anti-virus software, do I really need this outbound firewall?
What Kind of Firewall Do I Need?
Most people think of firewalls as barriers between their computers and bad things “out there” on the Internet. Inbound firewall protection blocks attempts by external entities (hackers or malware) to connect to your computer. See my related article Do I Really Need a Firewall? for my advice on INBOUND firewall protection. (Yes, you do need it.)
But the Internet is a two-way highway. Outbound firewall protection is just the opposite of inbound. It blocks attempts by software that resides on your computer to access the Internet. So if your computer is infected with a keylogger, an outbound firewall should prevent the keylogger from transmitting your passwords and other sensitive information to its evil masters. If another type of malware is using your computer to send spam to millions of innocent parties, an outbound firewall should prevent that as well, in theory.
In practice, outbound firewalls provide little useful protection, consume computer resources, interfere with legitimate programs, and are generally more trouble than they are worth. They can also give you a false sense of security.
By default, the Windows 7 Firewall provides only inbound protection. You can enable outbound protection as well, but then no program on your machine will be allowed to connect to the Internet! That means no browsing, no Windows Update, no email, no other updater programs, etc. You have to manually configure permission for every single program or process that you want to have access to the Internet. I don’t know about you, but that doesn’t sound like my idea of fun.
Other Reasons to Stick With Inbound Firewall Protection
Outbound firewalls spew many false positives. That is, they warn you about programs that really are not a problem. After seeing many false positives and ignoring them, it’s all too easy to ignore a legitimate warning of malware.
There are legitimate reasons why some software on your computer mayneed to make an outbound connection. Some programs poll a remote server to see if there are any fixes or updates available. Others send anonymous statistical data,or use collaborative feedback mechanisms. A weather or stock market widget on your desktop will need to pull in the latest data periodically. And then there are all the cloud-based apps that let you store and edit files online.
It can be very hard for the average user to figure out whether a given program should be allowed to access the Internet. Most outbound firewalls give only cryptic descriptions of what is trying to access the Net, so only the most technically savvy users can decide what to do about it. The chances are pretty good that you’ll block a program you do need, and later wonder why something isn’t working.
Outbound firewalls don’t do anything to prevent your computer from becoming infected, which is the most effective line of defense. If an outbound firewall warns you that malware is trying to access the Net, it’s already too late; your inbound defenses have been compromised somehow. See my article Free Anti-Virus Programs if you need to beef up your malware protection.
A router configured to use NAT (Network Address Translation) is my preferred alternative to software firewalls, inbound or outbound. Such a router effectively hides your computer from everyone “out there” so malware can’t even find it. It protects an entire network from a single point, instead of having to install firewall software on every device on the network. The router also does the heavy lifting, freeing resources on your local machine. The good news is that you probably already have a NAT router. See Do I Really Need a Firewall? for more information about routers and inbound firewall security.
Expert users may have resort to outbound firewalls occasionally. If you know every legitimate program that should be allowed access to the Net, an outbound firewall may alert you to hidden malware. But some malware is clever enough to disable your anti-virus or firewall protection, or fool the outbound firewall into letting it slip past.
The bottom line: Outbound firewall protection is of very marginal benefit and can be an enormous irritation. See my advice and links above concerning INBOUND firewalls and malware protection, and you’ll be better off.
Your thoughts on this topic are welcome! Post your comment or question below...
This article was posted by Bob Rankin on 15 May 2012
|For Fun: Buy Bob a Snickers.|
Do Those 'Speed Up Your PC' Programs Really Work?
The Top Twenty
Windows 8: Will You Be Pleasantly Surprised?
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005
- Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Do I Need an OUTbound Firewall? (Posted: 15 May 2012)
Copyright © 2005 - Bob Rankin - All Rights Reserved