Personal Firewalls, Anti-Virus, and Host Intrusion Prevention

Firewalls

A personal firewall is a program that you run on your computer which blocks any communication to and from that computer that has not been specifically allowed by you. As such, a desktop firewall can block malicious attempts to penetrate your computer and take control of it. Note, however, that firewalls work by making judgments about how software wants to communicate with your computer; they can only watch what is going out or coming in. Once a piece of mailicious software finds its way its way into your computer and is quietly wreaking havoc, it's too late for the firewall to do anything about it.

Host Intrusion Prevention

Host Intrusion Prevention adds a third level of protection to your firewall and anti-virus programs by continuously monitoring the software that's running in your machine. It detects and shuts down or blocks the action of suspicious programs based on how they're behaving, rather than on the basis of how they look or how they got into your computer.

Managing It All

Unforutunately the only way that security software like firewalls, anti-virus or host intrusion prevention can tell whether something is suspicious is by means of a large, complex and arcane set of rules that tell it how good software should look, act and communicate. If the rules and signatures that your software is using are too lenient, your security software could miss things that it should catch. If those rules are overly restrictive, they will cause desktop programs like email, your web browser, printing or just logging in to malfunction, and the cause of this malfuntion is usually very hard to trace when it happens. Finally, if those rules and signatures are too old, they'll miss newer forms of attack. Given the speed at which new threats now appear and spread through the internet, "too old" can be little more than a day or two.