Last Updated on
Just about everyone knows what a firewall is these days, thanks in part to the ubiquity of Windows operating systems and Windows Firewall. However, you may not know that firewalls come in one of two main types: hardware firewalls and software firewalls.
For example, the firewall features in your wireless router’s firmware create a hardware firewall. And even though they’re great for mitigating a wide range of threats, you’re still going to want to run a software firewall on your local computer for an extra layer of protection.
The good news is that just about every operating system comes with firewall features by default. Whether you use Windows, Mac OSX, or Linux, there’s already a software firewall on your local machine. Unfortunately, there are a few problems.
First of all, some firewalls aren’t enabled by default, which creates a massive security risk. Windows Firewall is enabled by default, but its default configuration settings are painfully annoying.
The second problem with default OS firewalls is that…well…they suck! Don’t believe me? Just think about how many times you’ve heard someone gripe about Windows Firewall issues. You see, operating system developers and companies like Microsoft and Apple don’t focus on firewalls exclusively.
As a result, there are plenty of third party firewalls that come jam-packed with extra features that blow standard OS firewalls out of the water.
So, just download a third party firewall and be done with it. Problem solved! Right? Well no, not exactly. Even though there are a smattering of third party firewalls that exceed standard OS firewalls, they’re not all free. Many of them come at a price – a price many people aren’t willing to pay.
The best solution (if you’re extremely price-sensitive) is to download a free firewall. But there are so many, it’s hard knowing which ones to trust.
That’s why I’ve compiled a list of the best free firewalls of 2017.
Comodo Free Firewall has long been a favorite of the industry, and for good reason. Despite the technical nature of firewall configurations, Comodo has done a tremendous job of making its software simple to use – even if you’re not a self-proclaimed technologically savvy computer whiz.
It has won numerous awards from organizations such as OPSWAT and software informer and provides more protection than a standard firewall.
It will actually monitor live connections to look for any abnormalities, anomalies, and other markers of suspicious activities to keep you safe online. Plus, you can even use it to set routing policies such as per-application tunnel routing.
For instance, if you download torrents through a VPN tunnel, you can select which traffic and downloads are routed through the tunnel, and send inconsequential traffic that isn’t sensitive through your ISP in an unencrypted format.
In addition, you can even set up a personalized kill-switch to halt downloads in the event of a VPN tunnel disconnect, which ensures that your sensitive data is always protected by the tunnel. But even though it’s easy to use, it doesn’t skimp on advanced features, making it a favorite of technically inclined and knowledgable users.
Other features include its ability to learn user behavior to adapt and provide personalized detection, as well as DDP-based security to block malicious threats and provide users with warnings. Oh, and let’s not forget its best feature…it’s free!
ZoneAlarm is another security-centric information technology company that’s well known for its antivirus security products. But I bet you didn’t know they offer a free firewall solution that’s better than most basic OS firewalls. Like Comodo’s free firewall solution, ZoneAlarm includes features that are more typical of an antivirus solution.
It will stop Internet attacks in real-time by keeping an eye on the inbound and outbound traffic flowing through your network interface. If it notices anything odd or suspicious, it will proactively block traffic to nip security problems in the bud. Interestingly enough, it has a proprietary Stealth Mode feature that helps limit visibility to hackers.
The Stealth Mode helps block ports that hackers could make connections on, and limits visibility to reconnaissance tools such as information gathering techniques and scanning mechanisms.
In addition, it has a Kill Control feature that will block and deactivate malicious programs and processes in real-time. It also comes with some cool Wi-Fi security features that adapts firewall policies based on the level or perceived security when connecting to a wireless network. It can even secure your PC against LAN based attacks on unsecured wireless networks.
The only drawback that I didn’t like is the fact that the free firewall solution is only supported on Windows platforms as far back as Windows XP SP3. That said, I loved its features too much to not include in the best firewalls of 2017 roundup, and I think it’s a fantastic security tool that more people should take advantage of. After all, it doesn’t cost a dime!
If you’ve suffered through the use of Windows Firewall and its pitfalls, you likely understand firsthand how annoying false positives and overactive warnings are. Though warnings and flags are part of the nuance of most firewalls, Windows Firewall is notoriously irksome. That’s why TinyWall was designed to be a light firewall that doesn’t feel so invasive.
It includes features aimed at white listing websites that you know and trust as a means to circumvent thrown errors and warnings. While most firewalls include a way to trust websites, TinyWall is less invasive and comes with an automatic learning mode to intelligently adapt to user behavior.
You can custom set your own hotkeys and use lists instead of needing to be constantly interrupted by annoying pop-up warnings.
It’s incredibly small, too, topping out at approximately 1MB in size. Additional features include the following:
All in all, TinyWall is a great lightweight alternative to Windows Firewall that doesn’t hog system resources and inundate you with “critical” warnings.
PeerBlock is a free and open source firewall solution and has long been a favorite of people who regularly engage in P2P file transfers. However, this isn’t a standard firewall per se; rather, it was designed specifically to secure against potentially dangerous peer connections (hence the name).
The problem with P2P file sharing is that you connect to numerous (perhaps hundreds, if not thousands) of strangers, and some of the IP addresses you connect to may be untrustworthy.
Since PeerBlock is streamlined to focus on blocking connections from untrustworthy sources, it runs a lot lighter than a standard software firewall, and has a simple interface. Basically, it works by creating a “black list” of IP addresses that you don’t want to share connections with. When setting it up for the first time, the software will allow you to categorize the types of websites that you want to block.
Available options will help you block connections from sites that are already known to be malicious, anti-torrent and anti-P2P groups, sites that host adware, sites that host harmful scripts, and other similar categories.
In addition, you can sort through data with IP and HTTP variables that monitor trackers’ source and destination IP addresses, protocol type, and connection time. If you download torrents or other P2P files, I’d highly recommend using this tool. However, make sure that you use it in conjunction with a full-featured firewall as well.
Norton doesn’t offer a completely free firewall. It costs $34.99 for the whole security package (check here for the latest price), but I felt obligated to give it an honorable mention for two reasons. First of all, it’s a great firewall solution with robust features.
Secondly, it has a longer free trial period than just about any other product I’ve ever seen. You can take advantage of the free trial for 60 days, and it’s completely full-featured. Most free trials water down the software by limiting its features, but not Norton.
The firewall is aware of your location by means of the network you connect to and can cache settings to make it behave differently at new and old networks alike. Not only does it scan traffic for malicious activity, but it can also even verify the validity and reputation of applications and specific traffic types. It’s really more of a hybrid firewall and antivirus system combined into one solution.
Though you do have the option of statically creating rules, policies, and port provisions, it can dynamically adapt to block threats on the fly.
The main disadvantage of this solution, of course, is the fact that it isn’t free. But the trial is long enough to accommodate short term needs as you search for an alternative solution.
I’m a massive fan of the free Comodo firewall solution and would recommend it over most operating systems’ default firewall with few exceptions. The only exception might be some of the free Linux firewall configuration commands that can be run from the shell, but I undoubtedly recommend it over Windows Firewall any day of the week.
The ZoneAlarm solution is my second favorite, simply because it’s easy to use, effective, full-featured, and free. While the remaining three alternatives aren’t my favorite, they’re undeniably strong and robust alternatives for those of you looking for a free firewall solution.
Lastly, I’d like to advise people to give personal security more attention. In my opinion, everyone should be using a fully configured firewall application in addition to antivirus and a good VPN service. Failing to use these tools could mean you’re the next victim of an attack.