The average computer user is familiar with the concepts of firewalls and spam filtering, but all too often, these mechanisms are viewed as panaceas rather than the tools they actually are. With that in mind, let’s look at some of the most common misconceptions about firewalls and spam filtering. Challenging what we think we know can be the first step in acquiring the level of network security we really want.
Filtering Can Block All Unwanted or Dangerous Content
A good firewall can protect you from many and even perhaps most exploits, but the truth is that most malware is allowed onto computers through user interaction. Even the best firewalls can be undermined by user mistakes. Likewise, spam filtering can eliminate most unwanted content, and these filters can become particularly effective the more you fine-tune. Of course, they’ll never be able to eliminate all spam, and we shouldn’t use them with that expectation.
Firewalls Can Detect Malware
The purpose of a firewall is to eliminate entry points that an attacker could potentially use to compromise a network. Due to this process, a firewall can block many different types of malware. It doesn’t block this malware, however, because it detected it and acted accordingly. It also won’t do you much good if you install a firewall when malware that can compromise it is already present.
A Firewall Alone Is Good Enough
A firewall can be an effective part of a multifaceted approach to network security, but just having a firewall and spam filtering probably won’t do you much good beyond some obvious advantages. At the very least, it’s also crucial to be able to detect viruses and other malware in real-time, and the best solutions use heuristic analysis to detect unknown viruses. This is achieved based on behaviors, patterns and viruses.
Spam Filtering and Firewall Measures Are Enough to Protect Children
One of the great concerns for modern parents is protecting their children from graphic images and the like that they’re just not ready to see. Some firewall solutions market themselves with this demographic in mind, but in truth, firewalls and spam filtering alone are generally not enough. Supervision is the only foolproof method, but there are also Internet nanny suites that can significantly cut down on the kind of exposure you want to avoid.
All Firewalls and Spam Filterers Are the Same
Perhaps the most pervasive and dangerous misconception is that technology has advanced to the point where all of these solutions are just as good. The truth is that not even all firewalls are host-based intrusion prevention systems or HIPS. The other truth is that plenty of firewall and spam filters on the market frankly do not perform their jobs well.