Firewall Basics on Your MacBook - dummies

By Mark L. Chambers

A firewall is a piece of hardware or software that essentially builds an impermeable barrier between the computers on your side of the wall (meaning your MacBook and any other computers on your network) and all external computers on the other side of the wall (meaning the rest of the Internet).

But wait a second — if other computers can’t reach you and your MacBook can’t reach them, how can you use the Internet at all? Ah, that’s the beauty of today’s firewalls. By using a series of techniques designed to thwart attacks from the outside, a firewall allows you to communicate safely, even monitoring what you send and what you receive for later examination.


A firewall sounds grand and incredibly complex and highly technical — and sometimes it is — but it can also be quite simple. For example:

  • You can spend anywhere from $50 to thousands of dollars installing sophisticated firewall hardware and/or software . . .


  • You can activate your firewall by disconnecting your laptop’s dialup, digital subscriber line (DSL), or cable modem from the wall socket.

Believe it or not, both of those examples technically involve a firewall. In the first case, the firewall is a physical, tangible presence on the network; in the second case, the lack of a connection to the Internet actually acts as a firewall. (Think of it as the Air Firewall . . . no relation to the MacBook Air.)

If you’re running a web site or downloading a file from your company’s FTP site, yanking the connection when you head to bed isn’t an option. Therefore, most will install a physical firewall through hardware or software.

Do you already have a firewall on your MacBook?

In some cases, you might already be using a hardware firewall and not even know it. For example, many Internet-sharing devices include a built-in NAT firewall. NAT stands for Network Address Translation, and it’s the most effective and popular hardware firewall standard in use by consumer devices.

If you’re using an Internet sharing hub or router, check its manual to determine whether it offers NAT as a firewall feature. If so, turn it on if NAT isn’t enabled by default.

Note the options to disable port scanning and ping responses, which are two tricks that hackers often use to detect what’s often called a hot computer — meaning that the computer can be identified and is accessible to attack. (Wireless networks are notoriously hot.)


How to use the internal Mac OS X firewall

Mac OS X includes a powerful internal firewall, which Lion makes very simple to use! Most MacBook owners will be perfectly satisfied with this built-in firewall, which is configured through System Preferences.

How to use a commercial software firewall

You’ll also find a number of popular alternatives to Lion’s built-in firewall on the market, many of which offer more control over individual applications and more configuration options than your Mac OS X firewall.

For example, consider Intego’s NetBarrier X6, which comes with a number of preset configurations that allow you to choose a basic firewall for your network environment with a single click, along with antispam and antiphishing features.