I’m really confused. With the new Windows XP SP2 Security Alert System, do we still need a firewall to stop outbound traffic? If we get a router, (LINKSYS), does that take care of everything, which means we need to disable Windows Firewall to avoid false alarms?
There’s a lot of misunderstanding about firewalls, routers and other security software. Windows XP2 SP2 definitely puts security, and particularly the firewall, “in your face,” so it’s a great opportunity to find out what you need and what you don’t.
A firewall filters incoming traffic. A previous article, “What’s a firewall, and how do I set one up?,” covers this in more detail, but the bottom line is that a firewall protects you from certain classes of incoming problems.
Everyone should have a firewall of some sort.
In general, hardware firewalls, typically provided by NAT routers, keep malicious traffic from ever reaching your computer, whereas software firewalls, such as the Windows firewall, discard malicious traffic after it has actually arrived at your computer.
But you don’t need both.
If you have a router with NAT enabled, then there’s no need to enable the Windows firewall. In fact, you can tell the new Windows Security Center that you’ll manage your firewall yourself. “What’s this new ‘Security Center’ thing in XP service pack 2 all about?” has more on configuring the firewall.
If you’re not behind a router or other firewall, you’ll want to turn on the Windows firewall. This is what I do when I take my laptop with me on the road.
Now, one word in the original question concerns me: “outbound.” Firewalls typically handle protecting you from incoming traffic. Neither a typical router, nor the Windows firewall, will filter or manage outgoing traffic. For that you need either a significantly more expensive industrial strength router, or one of the more complete firewall and security packages such as ZoneAlarm.
Personally, I’m quite happy behind a router, and if you’re behind one, I don’t commonly see a real need for the added expense.