Advanced Security

Update June 2019, mostly still current!

This section is not for beginners but have a read anyway. I’ve already covered the basics of having Antivirus and preferably an Internet security suite. If you are running Windows 10, IMO, you don’t really need any other antivirus or Internet security suites because Windows 10 security looks after the security in a “holistic” manner.

Advanced security is mainly about “layered Security” but it is not all that difficult. If you have read the “Basic Security” bit, you will see me talking about having the door of your home open for all and sundry to just walk in invited or not. Ok, when it comes to computers you might not know that they don’t have just one door; they have 65000+ doors which can all be considered “back doors” e.g. doors that can be got in with just a little knowledge.

The doors on a computer are actually called “Ports”. A lot of these Ports are legitimately used as part of the normal operation of your PC when connected to a network such as the Internet, I could go on and bore you to tears but I won’t. The way to protect those Ports (open doors) is to close them – that was easy!  Unfortunately some Ports have to be left open for legitimate network traffic so what you need is a sentry or doorman standing guard at these doors. The sentry would in effect check the credentials of anyone trying to come through the door (port).

The way you would do that is to have something called a “Firewall”.(built-in to Windows10)  At the most basic level your PC would have a firewall as part of the Internet security suite that you have installed but that is only one layer of defence.  At the advanced security level, you would have a separate Firewall. You would of course also have secure passwords and carry out the free common sense actions that I’ve talked about in the basic security.

Ideally your ISP would provide you with something called a router and if you are lucky the router will include a built-in Firewall which basically closes all Ports to incoming network traffic but allows legitimate traffic through. This system could be described as “Border protection“. Think of it as having a sentry on your garden gate and then the security you have on your PC would be like having a sentry on the door to your house so there you have a 2 layer protection.

Most ISPs now supply WiFi routers (we will ignore the security pitfalls of WiFi for the time being) and most of these have the built-in firewall. Unfortunately some of the really basic (not always cheap) WiFi routers only have very basic Firewall facilities but the better ones are more configurable to allow you to get the best security.

For those who’s ISP don’t provide a router (WiFi or not), the best option is to buy one, visit the Firewalls page and then have a look at our suppliers page, you should be able to find something to fit your pocket! One of the advantages of having a router is that you can share your Internet connection with several PCs. (Most Internet users now use a router with built-in 4 port switch and WAP (Wireless Access Point) and most ISP provide the kit)

When choosing a router, look for something called SPI (Statefull Packet Inspection) – no don’t ask it will take a while to explain that! In addition look for “Content filtering“, this allows you to filter out websites with undesirable content.

For the really advanced people reading this, you could of course build your own Firewall using an old PC! Just stick in an extra network card or two and install Linux Smoothwall or something similar; you would be hard pressed to find anything better and the best news is that Smoothwall is FREE. It is fairly easy to set up and most default settings are adequate for general use.