The purpose of this article is to share the top 5 free firewalls for Windows in 2022. Having good cybersecurity at home should be on everyone’s priority list. Hackers continue to exploit vulnerabilities of major websites like Facebook, LinkedIn, Twitter, and many others. Malware, ransomware and phishing sites are uploaded to websites that get hijacked. When that happens, unsuspecting users become victims.
What’s worse is that home routers are horrible security devices. These devices can be tricked into accepting internet traffic that you never requested. This can lead a hacker straight to the devices on your home network. Hackers can view all the devices on a network and send malicious payloads at will once they are in. The only thing protecting your device from receiving traffic it did not request is a good firewall.
What does a firewall do?
A firewall inspects internet traffic for multiple things.
- A firewall makes sure that traffic that is coming into the network has been requested. It tells us whether the traffic coming in is legitimate. For example, if you went to a website, your computer is requesting data from that website. Therefore, the traffic is valid and legitimate. If a website or IP address is sending you data you did not request, it is illegitimate.
- A firewall will automatically block ports that are not relevant to what you do. If you don’t use an FTP service, you don’t need port 20 or 21 open. If you don’t use Internet Relay Chat (IRC), port 193 should be blocked.
Modern firewalls have more features than just port blocking and ensuring that internet traffic to your home network is legitimate. They can do things like automatically block known bad internet sites. Firewalls can restrict bad content like gambling or adult websites. They can also do things like prevent sensitive information from going over the internet. More advanced and sophisticated firewalls have EDR integrations, like FortiEDR and FortiGate from Fortinet.
What are the top 5 free firewalls for Windows in 2022?
The top 5 firewalls for Windows in 2022 have been ranked according to their ease of use, features, and effectiveness.
ZoneAlarm
ZoneAlarm ranks first on the list of top 5 firewalls for Windows in 2022. ZoneAlarm is maintained by CheckPoint Software, the industry’s leading firewall manufacturer for corporate enterprises. ZoneAlarm comes with three core services: antivirus, firewall, and mobility.
ZoneAlarm’s Application Control is really what sets it apart from Windows Defender Firewall. Application Control prevents unauthorized programs from accessing the network and acting as a server as well as other malicious-style behavior. For example, it can prevent exploiting kernel timing vulnerabilities. It can also prevent untrusted programs from launching trusted programs for Internet access. Additionally, it can also prevent malicious applications that try to abuse standard Windows service calls.
The antivirus feature is similar to Windows Defender Antivirus but it also incorporates Behavioral Scanning. Behavioral scanning detects malware that has never been seen before. It watches what a file does versus based on a known virus signature. An example of this is a PDF file trying to inject code into a Windows System file. The typical antivirus would not catch this if it had not been already catalogued. However, because of Behavioral Scanning, ZoneAlarm would be able to see this activity and quarantine the virus.
The last feature for ZoneAlarm is its Mobility service. Mobility safeguards your identity with monitoring and alerting of sensitive information. With Mobility, you can enter predefined sensitive information and create rules to block it from leaving your computer. For example, you can enter your social security number (it will be encrypted) and ZoneAlarm will identify anytime your social security number is at jeopardy of leaving your computer. The only exception to this is any sites you tell it to trust, such as your bank.
Windows Defender Firewall Overview
When talking about firewalls for Windows, it is imperative to discuss the native Windows Defender firewall. This comes built into the Windows Operating System. Windows Defender Firewall is a good basic firewall. It creates inbound and outbound rules based on the applications you use. When you install a new application, User Access Control (UAC) will prompt you. It will ask if you want to let the application make changes to Windows. This will open needed ports for the application and routes to the application vendors network if needed.
Windows Defender Firewall will also change your network security settings depending on public or private Wi-Fi settings. On private Wi-Fi, your computer becomes discoverable so that file sharing can happen between computers if desired. The computer’s discoverability is disabled while on public networks. Therefore, it won’t show up on public networks.
More advanced rules can be created, such as blocking FTP services while on a public network, for example. Another example is blocking port 80 while on a public network. This prevents potential sensitive data being transmitted unencrypted wirelessly is another example. These are good rules to add, but this is the extent of Windows Defender Firewall. This is people seek out third party firewall solutions.
TinyWall
TinyWall is a basic light-weight firewall with some nice features that are not available in Windows Defender Firewall or ZoneAlarm. For example, it can block the internet when your computer goes into Power Save mode. It also provides a nice display of applications and the associated outbound and inbound IP addresses, which can not only be useful for identifying potential malicious applications talking to a command-and-control server, but also useful for troubleshooting.
You can also quickly see what ports are open and actively listening on your computer. This is helpful in determining if there are any open ports that should not be open. TinyWall is a good basic firewall that is easy to download, install, and use. But it lacks features that ZoneAlarm has, such as Antivirus with Behavioral Scanning and Data Loss Prevention. TinyWall is a good choice if you’re just looking for a basic firewall with some advanced features.
Malwarebytes Firewall Control
Malwarebytes Firewall Control is another good basic firewall with some advanced features. It has a lot of the same features that the other vendors provide like location-based firewall rules for public or private networks, but it also provides some security enhancements that the others do not. Malwarebytes Firewall Control provides Secure Boot, Secure Profile, and Secure Rules.
Secure Boot is good because it provides the ability to automatically block all connections at start up until you manually change the profile. This can be useful if you are troubleshooting a malware situation as it will prevent malware from using your internet connection to communicate to a command-and-control server.
OpenDNS Home Internet Security
OpenDNS is not a firewall in the traditional sense. However, OpenDNS is a powerful network security tool that it needs to be shared. In a sense, it does offer firewall-like capabilities. OpenDNS provides DNS-Layer protection, URL filtering. A lot of commercial grade firewalls now include this in their basic security packages. What URL filtering and DNS-Layer protection provides is an automatic detection and blocking of known bad websites. For example, you can set a rule to block a predefined set of websites, like adult or gaming websites. It will also block connections to known malicious IP addresses and websites. OpenDNS will automatically block you from visiting websites known to be distributing malware or phishing for passwords. It will also tell you why you were blocked.
What makes OpenDNS really powerful is that you can protect all the devices in your home at the router level. It works by changing your router DNS entry to the DNS entry that OpenDNS provides. This will block all known malicious traffic to and from your home network. It does this all while allowing you to monitor and review the bad connections that are flowing from your network.
OpenDNS is powerful because it is connected to a curated database of known bad IP addresses and websites. This database is continually being updated by threat researchers. The only downside to OpenDNS is that it can take some advanced configuration skills in order to set up. To counter that, OpenDNS has created an intuitive guide on their website to help.
Which of the Top 5 Free Firewalls is Best for You?
In conclusion, there are several firewall vendors available on the web that you can search for and download. Several firewalls did not make the list. The reasons for that are the following:
- Firewalls were difficult to download and install, requiring sign up processes
- Firewalls raised red flags and security alerts from Windows Defender when trying to download
- Firewalls required a Linux operating system or required a physical device to act as a network firewall versus an operating system firewall for Windows.
- Firewalls were vastly out of date, with some of them having latest releases dating back to 2011.
- Some tools are marketed as a firewall, but are really more network monitoring tools than firewalls.
Each firewall has unique capabilities that make it different from the others. In order to select the best firewall, you should think about your needs and match it up to the unique capabilities that each firewall offers.