Pinterest Stumbleupon Whatsapp
Advertisement

Dig through your Mac’s settings and you’ll find a firewall, turned off by default. Isn’t that insecure? Why would Apple be so irresponsible?

Don’t panic: this doesn’t mean your machine isn’t secure. The firewall in question lets you block incoming traffic to particular programs, meaning it’s only useful if there are programs on your computer that you’d like to restrict in terms of incoming information.

If that’s not the case, and if you use the Internet primarily behind a secure router, you probably don’t need to enable a firewall at all.

What Do The Experts Say?

A lot of general tech advice is really only true in particular situations – and “you need to have a firewall turned on or you’re not safe” is a good example of that. This isn’t to say that firewalls aren’t helpful – they can be, in some circumstances. But simply installing and turning one on isn’t going to be helpful in all cases, particularly if you don’t know how to configure it.

If none of this means anything to you, at all, you’re probably best just leaving the firewall turned off.

mac-firewall

Advertisement

It’s possible I’m out of my depth here – I’m a software usability guy, not a security expert. Thomas Reed, on the other hand, knows what he’s talking about. He’s the longterm blogger behind The Safe Mac, a site that’s been documenting Mac security trends for nearly a decade. He argues that you don’t need a firewall on your Mac:

For the most part, the average user does not need a firewall.  A firewall is not a magical solution to problems like malware and spam, and is not much use at protecting a system that is left unsecured.

My one-time colleague Chris Hoffman, writing for HowToGeek, came to a similar conclusion:

In summary, a firewall isn’t really necessary on a typical Mac desktop, just as it isn’t really necessary on a typical Ubuntu Linux desktop. It could potentially lead to more hassle with setting up certain network services. But, if you feel more comfortable with it on, you’re free to enable it!

This seems to be the consensus out there on the web: firewalls are great for power users, who understand what a firewall is for and know how to properly configure it to achieve what they want. For everyone else, enabling a firewall is unnecessary at best and infuriating at worst.

Still, if you want to turn a firewall on and configure it, you’ve got options. Let’s go over them.

Turning On Apple’s Firewall

Not all Mac users know this, but there’s been a built-in Mac firewall since Snow Leopard How To Enable the Firewall In Mac OS X Snow Leopard How To Enable the Firewall In Mac OS X Snow Leopard Since we rarely hear about security problems with Apple hardware, we Mac users often ignore some of Apple's basic security applications and features such as the Firewall. It’s easy to set up, but there are... Read More . You’ll find it in the System Preferences, under Security.

mac-security-firewall

As we said, this is off by default. Turning the firewall on is easy:

mac-turn-on-firewall

If this option is greyed out, you’ll need to click the lock at bottom-left and enter your password before you can do this. Once you do you’ll be able to access additional options:

mac-firewall-settings

You can block particular applications from inbound requests. Note that you cannot stop applications from making outbound requests using this firewall, which is why many opt for more advanced options.

Other Mac Firewall Options

In addition to the firewall included with OS X, there are a selection of third-party tools that provide control over incoming and outgoing connections, as well as which software can send and receive information over the Internet.

Murus ($10) — A Better GUI for The Built-In Firewall

Apple’s built-in firewall is Packet Filter, a powerful firewall commonly known as “pf” and well-known to Unix users. The default GUI, outlined above, doesn’t give you access to many of pf’s features, which is where Murus comes in. For $10 this app gives you control over inbound and outbound requests, and a lot more.

murus

There’s a free version to download if you want to get a feel for what’s offered, though you’ll need to pay up if you want control over outbound requests.

Little Snitch ($35) — Top-Class Firewall for OS X

Another popular Mac firewall is Little Snitch, which notifies you when any program is accessing the Internet Which Apps Are Using Your Internet Connection? Find Out With Little Snitch [Mac OS X] Which Apps Are Using Your Internet Connection? Find Out With Little Snitch [Mac OS X] We've shown you how to enable the included firewall in OS X, but it's quite limited. It allows you to block traffic on a per-app basis, but beyond that there's not a lot of configuration... Read More and lets you decide whether they should have access or not. For $35 it’s not exactly cheap,

This is a popular product that packs in the attention to detail, so look into it if you’re seriously contemplating setting up a firewall or you specifically want easy, GUI control over individual applications.

Private Eye — A Free Network Monitor

If you like the idea of seeing which programs are using your Internet, but don’t necessarily think you need the full firewall experience, I highly recommend checking out Private Eye.

private-eye

With this app you can monitor, in real time, which of your applications are accessing the Internet and what specific URLs they’re accessing. This has all sorts of uses, from figuring out whether your Mac has malware I Think My Mac Has A Virus! 3 Ways You Can Tell I Think My Mac Has A Virus! 3 Ways You Can Tell Is your Mac acting kind of... weird? Whether you're seeing adverts you can't explain, or your system is unreasonably slow, you might think the problem is malware. But you're probably wrong. Read More to working out which programs are using bandwidth constantly.

The Take-Away: Learn to Use Your Firewall

If you know how a firewall works, and are willing to take the time to configure it properly, go for it! Turning on the firewall won’t hurt anything, especially as most port ranges need to be opened manually if you are accessing the Internet via a secured router.

If you’re not sure, there’s no particular reason to turn it on. A firewall can add an additional layer of security, sure, but that doesn’t mean your system is any more vulnerable without one turned on.

Do you use a firewall with Mac OS X? Which one and why?

Image Credits: Fire ring Via Shutterstock

Leave a Reply

Your email address will not be published. Required fields are marked *