A personal firewall is an application that controls network traffic to and from a computer, allowing or denying communications based on a security policy. Generally, it works as an application layer firewall. A personal firewall differs from a conventional firewall in scale.
A personal firewall generally protects only the computer on which it is installed, whereas a conventional firewall is usually installed on a designated interface between two or more networks, such as a proxy server or router. Thus a personal firewall allows a security policy to be defined for individual computers, while a conventional firewall controls the policy between the networks that it connects.
The per-computer scope of personal firewalls is needed to protect machines that are moved across different networks. For example, a laptop computer may be used on a trusted intranet at a workplace, where minimal protection is sufficient because a conventional firewall is already in place and services that need open ports, such as printer and file sharing, are needed.
The same laptop can be used at public Wi-Fi hotspots, where a strict security policy is needed to protect against malicious activity. Most personal firewalls prompt the user, when a new network is connected for the first time, to decide the level of trust, and can set particular security policies for each interface.
Many personal firewalls, unlike network firewalls, are able to control the network traffic allowed to programs on the computer where the firewall is installed. When an application attempts an outbound connection, the firewall may block it if it is blacklisted, or ask the user whether to blacklist it if it is not yet known. This protects against malware implemented as an executable program. Personal firewalls may also provide some level of intrusion detection, allowing the software to terminate or block connectivity if it suspects an intrusion is being attempted.
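The policy described above (a trust level chosen per network on first connection, plus per-program control of outbound connections) can be sketched as a small decision model. This is an added example, not code from any firewall product; the class, the profile names, the port sets and the callbacks are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed trust profiles: inbound ports that are answered at each trust level.
PROFILES = {
    "trusted": {139, 445, 631},  # file and printer sharing on the workplace intranet
    "public": set(),             # public hotspot: answer nothing unsolicited
}

@dataclass
class PersonalFirewall:
    network_trust: dict = field(default_factory=dict)  # network name -> profile
    allowed_apps: set = field(default_factory=set)
    blacklisted_apps: set = field(default_factory=set)
    log: list = field(default_factory=list)            # recent events for review

    def join_network(self, name, ask_trust):
        """Ask for a trust level the first time a network is seen, then remember it."""
        if name not in self.network_trust:
            level = ask_trust(name)
            # An unrecognised answer falls back to the strictest profile.
            self.network_trust[name] = level if level in PROFILES else "public"
        return self.network_trust[name]

    def inbound(self, network, port):
        """Unsolicited inbound traffic: 'drop' means no reply is sent at all."""
        open_ports = PROFILES[self.network_trust.get(network, "public")]
        verdict = "allow" if port in open_ports else "drop"
        self.log.append(("in", network, port, verdict))
        return verdict

    def outbound(self, program, dest, ask_blacklist):
        """Per-program outbound control; unknown programs trigger a user prompt."""
        if program in self.blacklisted_apps:
            verdict = "block"
        elif program in self.allowed_apps:
            verdict = "allow"
        elif ask_blacklist(program, dest):   # user chose to blacklist it
            self.blacklisted_apps.add(program)
            verdict = "block"
        else:                                # user declined; remember as allowed
            self.allowed_apps.add(program)
            verdict = "allow"
        self.log.append(("out", program, dest, verdict))
        return verdict
```

The `ask_trust` and `ask_blacklist` callbacks stand in for the prompts shown to the user; a network that was never classified is treated as public, so the strict policy is the default.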
Features of a personal firewall include the following:
It blocks or alerts the user about all unauthorized inbound or outbound connection attempts. It hides the computer from port scans by not responding to unsolicited network traffic. It allows the user to control which programs can and cannot access the local network and the Internet, and provides the user with information about an application that makes a connection attempt.
It monitors applications that are listening for incoming connections. It prevents unwanted network traffic from locally installed applications. It controls and regulates all incoming and outgoing Internet users. It tracks recent incoming events, friendly events, and intrusion events to see who has accessed or tried to access your computer. It blocks and prevents hacking attempts or attacks from hackers. It provides information about the destination server with which an application is attempting to communicate.