When to use a firewall? The answer to that question is very simple. You should have a properly configured, working firewall installed on your computer at all times.
Why, you may ask, should you use a firewall, and what exactly does it do for your computer?
INTRODUCTION TO COMPUTER FIREWALL
To explain it in simple terms, the firewall is a security system for your computer. Comparable to your home or car alarm, the computer firewall keeps your computer out of harm's way by acting as a security buffer (hence the name firewall) between the information stored on your computer and unauthorized attempts to access that information by anyone outside your trusted zone of contacts and web sites (resources you authorize to have access to your computer).
To maintain proper security for your computer, it is important not only to have a firewall but also to have it configured and operating properly. Just as your home or car alarm will not stop a thief if it is not installed and running properly, the computer firewall will not prevent an intruder from gaining unauthorized access to your computer unless it is running and configured properly.
TYPES OF COMPUTER FIREWALLS
A computer firewall may consist of software (a program you have installed or enabled on your computer), hardware (a piece of equipment that sits between your computer and the unsecured Internet connection), or a combination of both. Depending on the size of the network (how many computers the firewall is protecting), you can have a simple or a complex firewall in place. But in the end, regardless of the topology and the complexity, the basic principle and operation of the computer firewall can be reduced to a few general observations.
PROTECTION OF INFORMATION
What value does your private information (stored on your computer) have to a potential intruder? The answer is: a lot. Even if you do not use your computer to store any personal information (social security number, bank and credit card numbers, address, phone number, contact list of your friends and associates, etc.), your computer can still be a tool that an intruder uses to launch further attacks against targets of more value.
Commonly referred to as zombie computers, or collectively as botnets, such compromised computers have been used to relay spam to other machines, launch crippling attacks against web sites and other machines (distributed denial of service or DDoS attacks, hacking attempts, etc.) and more. Most of the time the computer owner is not even aware that their computer is being used for such malicious purposes (those processes may be running in stealth mode in the background, behind the legitimate processes on your computer).
However, the greater danger of a potential breach is to the confidential information that may be stored on your computer. Many of us nowadays use our computers to manage our finances and investments, pay our bills and keep other important information safe. All of this is a prime target and a grand prize for the intruder who may be trying to gain access to your computer. And it is not just home computer users who face this problem. Many big businesses and corporations have recently been victims of security breaches and data theft (hackers breaching the corporate firewall and stealing tens of thousands of credit card numbers from a store database, breaches of government agencies storing personal information such as social security numbers, etc.).
The above is just the tip of the iceberg of what is happening nowadays with computers worldwide, and one more reason why you should make sure not only that you have a firewall in place but also that your firewall is configured properly and is actively protecting your computer from intruders aiming to break into it.
COMPUTER FIREWALL AT WORK EXPLANATION
The easiest way to explain how the computer firewall works is to compare your computer to a big box full of all sorts of items. The computer firewall organizes those items into security zones based on your instructions and input, and gives access to this information based on rules you specify. In terms of the box analogy, the firewall moves the items from the big box into many smaller boxes and places a lock on each of them. It then decides whom to give a key to each box based on what you have instructed it to do, and remembers those decisions when a person attempts to access the items stored in each box.
In computer terms these smaller boxes are called zones, and you may have many zones. While different firewall configurations may name or group them in different ways, the principle is still the same: the zones organize the information stored on your computer into a spectrum, from information that is available for anyone to access (GENERAL ZONE) to information that only a person with confirmed credentials can access (RESTRICTED ZONE). You may also have many steps configured in between that are a mix of the General (unrestricted access) zone and the Restricted (private, protected access) zone.
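The zone-and-key model described above, as an added example that is not part of the original article: services are placed in zones, source networks are given a key to a zone, anything not placed in a zone is denied, and remembered decisions are cleared whenever a key changes. GENERAL and RESTRICTED come from the text; the HOME zone, the port-to-zone mapping and all addresses are constructed assumptions.

```python
from ipaddress import ip_address, ip_network

# Constructed mapping of services (ports) to zones. HOME is a hypothetical
# in-between zone; GENERAL and RESTRICTED are the zones named in the text.
ZONE_OF_PORT = {80: "GENERAL", 445: "HOME", 3389: "RESTRICTED"}

class ZoneFirewall:
    def __init__(self):
        # zone -> networks that hold a "key" to it; GENERAL is open to anyone
        self.keys = {"GENERAL": [ip_network("0.0.0.0/0")],
                     "HOME": [], "RESTRICTED": []}
        self.remembered = {}  # (source, port) -> earlier decision

    def grant(self, zone, cidr):
        self.keys[zone].append(ip_network(cidr))
        self.remembered.clear()

    def revoke(self, zone, cidr):
        self.keys[zone].remove(ip_network(cidr))
        # Without this, a remembered "allow" would outlive the revoked key.
        self.remembered.clear()

    def allows(self, source, port):
        key = (source, port)
        if key not in self.remembered:
            zone = ZONE_OF_PORT.get(port)   # None: port is in no zone
            nets = self.keys.get(zone, [])  # no zone, no keys: default deny
            self.remembered[key] = any(ip_address(source) in n for n in nets)
        return self.remembered[key]

def demo():
    fw = ZoneFirewall()
    fw.grant("HOME", "192.168.1.0/24")         # constructed home LAN
    fw.grant("RESTRICTED", "192.168.1.10/32")  # constructed admin machine
    results = {
        "internet -> web": fw.allows("203.0.113.7", 80),
        "internet -> file share": fw.allows("203.0.113.7", 445),
        "lan -> file share": fw.allows("192.168.1.25", 445),
        "lan -> remote desktop": fw.allows("192.168.1.25", 3389),
        "admin -> remote desktop": fw.allows("192.168.1.10", 3389),
        "lan -> unlisted port": fw.allows("192.168.1.25", 23),
    }
    fw.revoke("RESTRICTED", "192.168.1.10/32")
    results["admin after revoke"] = fw.allows("192.168.1.10", 3389)
    return results

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:26} {'ALLOW' if ok else 'DENY'}")
```
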
While there is no 100% right or wrong way to configure your computer firewall (different people develop their own recipe for how they like their firewall to work, based on their own preferences and needs), I generally like to have multiple layers of firewall that are a mix of hardware and software.
A hardware firewall is a device installed between your computer and the outside network. The benefit of the hardware firewall is that it is less dependent on the physical state of the host computer than a software firewall is. Therefore the hardware firewall is less likely to become compromised through user error (disabling the feature by accidentally clicking on it, etc.).
The hardware firewall can also protect multiple computers at a single location, allowing you to set a more uniform security policy (rules for access to information stored on your computers) across many computers within your network. Because of this, the hardware firewall has been the preferred choice for company and corporate firewall security.
The other factor that put home owners off the hardware firewall in the past was the cost of such a device. Large corporations have large budgets and are able to spend the tens of thousands of dollars or more that a typical hardware firewall can sometimes cost, but for a home user such an expenditure is typically out of the question and out of the budget.
This has recently changed with the introduction of hardware firewall devices that may cost from a hundred to a couple of hundred dollars but still give a relatively high level of protection and security against the would-be intruder trying to break into the computer. Companies such as Secure Computing (recently bought by McAfee) and Fortinet all have SOHO (small office, home office) firewall units that are relatively inexpensive but highly effective in preventing intrusion into your computer. Even companies like Linksys, D-Link or Netgear have recently started offering inexpensive hybrid router/firewall units capable of providing an extra level of security for a home computer network or a single computer at a very affordable price. Therefore the good old excuse "it's too expensive for me to own" no longer applies as a reason for not adding a hardware firewall to your arsenal of computer protection tools.
Software firewalls, as the name implies, are computer software that is typically installed on a host computer and that prevents the would-be intruder from gaining unauthorized access to your computer. Most computers nowadays come standard with a software firewall as part of the operating system (all Windows XP and Vista computers, as well as Mac OS, have a basic firewall built in).
While cheaper to deploy, software firewalls are more prone to misconfiguration or to being disabled by accident and without the computer owner's knowledge (clicking OK to give a web site permanent access will bypass the firewall rules set in place, accidentally disabling the firewall altogether, etc.).
However, the software firewall does have some advantages over the hardware firewall. It is more portable and will always follow the host computer on which it is installed. The hardware firewall, on the other hand, is a more stationary piece of computer defense and as such can be bypassed by simply removing the computer from its realm of protection (taking your laptop away from your office or home and working on the road, etc.).
Hybrid firewalls are a mixture of software and hardware layers for optimal protection. The hardware firewall is installed as a stationary layer of defense aimed at durability and security while the computer is inside the protected network, while the software firewall is installed and configured as a fail-safe option in case the hardware firewall fails, or for scenarios where the computer is removed from the hardware firewall's range of protection (laptop and mobile computer users, etc.).
FIREWALL DEPLOYMENT CONCLUSION
Using the hybrid approach (a combination of hardware and software) is my recommendation for having an effective, working level of protection against intruders looking to break into your computer, but whichever way you decide, it is important to have at least something available, configured and running as your computer firewall.
Ignoring this, or simply thinking that you do not need to have a firewall installed and running on your computer, may be a costly and dangerous mistake, not only for you but also for people who are playing it safe (unsecured and unprotected computers are turned into zombie machines and botnets that hackers and criminals use for illegal and unethical ends). So make sure your computer is adequately protected, and have a working, properly configured firewall as part of your computer defense alongside your anti-virus and anti-spam software.