The other day, we mentioned that the OS X application firewall provides only inbound protection. I imagine there are some of you who are wondering what exactly that entails, and more specifically, how that differs from what’s in Intego’s products. Well, guess no more! Here’s a handy explanation about the difference between incoming and outgoing firewall protection.
As you may imagine, inbound protection protects you from threats that originate outside of your Mac and try to get in. There are many types of automated or direct attacks that this type of protection is useful to combat, and this is the type of protection that OS X’s application firewall provides.
But arguably the more important component, from an anti-malware perspective, is outbound protection. Outbound protection alerts you to attempts to connect out from your machine. There are a lot of legitimate processes on your machine that do need to connect out (such as to get email, surf the web, get or update settings, etc.) but if there is unknown malware on your machine, you want to be able to prevent it from connecting out to send data or to alert its controller.
NetBarrier, like OS X’s application firewall, protects you against incoming threats. Unlike the OS X firewall, NetBarrier allows you to automatically set different levels of protection depending on where you’re connected. When you select the “public” profile in NetBarrier, for instance, all connection requests from the local network will be blocked. This means that other computers on the WiFi at your favorite coffee shop will be blocked from communicating with your computer in any meaningful way. Say, for instance, you have file sharing enabled for use at home or at work. Regardless of what permissions you might have configured for file sharing, when you’re in public, requests from other computers will be blocked before they ever reach your files.
What if you don’t want to be totally locked down? Say your friend just showed up to the café and you want to share some files with her? NetBarrier also allows you to create exceptions that would allow you to let her through the firewall.
NetBarrier also monitors network requests that come out from your computer. Most forms of malware attempt to use the network at some point and that’s really how they do their damage. That key-logger that eventually identifies your credit card number doesn’t actually do any damage until it shares that information through the network. NetBarrier watches for applications sending or receiving information from the network and allows you to have a high level of control over what applications are allowed to do on the network. You may block applications from communicating entirely or block communications with specific locations on the Internet, for instance. If something attempts to connect to the network that has not been approved, a popups will notify you right away so you can decide whether you want to allow the request.
Regardless of where the connections originate, having a separate, full-fledged firewall allows you to block connections that you don’t want. That way people can’t get into your machine without your permission, and neither can unapproved applications that try to connect out.
Further Reading: