A firewall is a combination of hardware, software and security policies used to protect a private network. Most people, however, refer to a "firewall" as either a piece of hardware or a piece of software. How do these tools work? Internet programs operate on predefined ports, so network administrators can allow or deny access to certain programs by enabling or restricting access to these ports. For example, FTP (file transfer protocol) operates on port 21, telnet (remote log-on) on port 23, SMTP (outgoing mail) on port 25, HTTP (Web server) on port 80 and POP3 (incoming mail) on port 110.
o For single computers: Consider software firewalls, which cost about $50. See CNET, www.cnet.com/software/1,11066,0-352108-1202-0,00.html, for reviews of various packages.
o For small multicomputer networks: Consider a hardware firewall. Many routers come with integrated firewalls, which typically include default settings with strong security. See CNET, computers.cnet.com/hardware /search/results/0,10121,0-7052-402-0,00.html, for pricing and reviews. I use an Asante FriendlyNET FR3004LC Cable/DSL router ( www.asante.com) that includes a packet filtering firewall with NAT (Network Address Translation, which allows multiple computers to share one static or dynamic IP address).
o For large networks: Get a dedicated hardware firewall, such as those offered by WatchGuard, Nokia, Cisco or Check Point. For reviews and pricing, see Network Computing, www.networkcomputing .com/compareit/comp-1308b.html.
o More security: For a good overview of other systems security technologies-including encryption, antivirus, monitoring, password-protection and hard disk and file cleaning programs-go to Securitypointer.com, www.securitypointer.com. You can also check for pricing and reviews of various programs at www.cnet.com.
Erik J. Heels ( firstname.lastname@example.org) is a patent attorney and nothing.but.net columnist for LPM magazine.