Modern Smart Firewall Guard

Most operating systems have a built-in firewall, you can configure and tune its settings to fix things forever.

Network Firewall: To block unauthorized content and code from the network while ensuring the unimpeded flow of data packets vital to the operations of the enterprise. They are designed to intercept external incursion.

DNS Firewall: Present users or servers on the network to connect to known or suspect public internet addresses outside the system.

Modern smart Firewall Guard enables you

To block or allow specific IP addresses or protocols, unauthorized connections

Act as VPNs or HTTPS inspection proxies

Filter ports, URL's, attachments and sockets

Stop DDoS attacks, block upper layer attacks

Perform intrusion detection or prevention.

It comes with features like patch discovery and inline patching.

Firewall Examples

Zone Alarm, Little Snitch for Mac, ConfigServer for Linux Server, Mac Keeper

Next Generation Firewall (NGFWs)

Effective against modern attacks in which an unauthorized hacker or malware program connects to an unprotected or vulnerable listening service or daemon.

For both client-side and network protection

Does deep packet inspection with intrusion detection and the ability to examine encrypted traffic.

Why you need a Firewall?

Your computer or network is unsecured and had weak passwords

Not patched or have buggy software thus allowing anyone to log in, connect and exploit

You wish to block unauthorized connections.

Operating Systems itself does contain bugs which are exploitable.

Other Security Measures

Anonymous NETBIOS connection in Windows, which Microsoft block it by default from Windows XP onwards.

: Routers provide a better and faster way to block unauthorized IP addresses or protocols. Its upper layer code and rule sets drop unwanted traffic. Use of DMZ and authorized networks which forwards to DNS services or queries public DNS directly and then compare query or response against a blacklist of known entities harmful to the organization.

Always-connected Internet access

Port 21 blocking : Ports like 21, 143 are not used these days. Ports with encryption 465, 587, 993 995 are only used.

Email Provider IMAP Settings POP Settings SMTP Settings AOL Server: imap.aol.com Port: 993 Encryption: SSL/TLS Server: pop.aol.com Port: 995 Encryption: SSL/TLS Server: smtp.aol.com Port: 465 Encryption: SSL/TLS Gmail Server: imap.gmail.com Port: 993 Encryption: SSL/TLS Server: pop.gmail.com Port: 995 Encryption: SSL/TLS Server: smtp.gmail.com Port: 465 Encryption: SSL/TLS iCloud Server: imap.mail.me.com Port: 993 Encryption: SSL/TLS Server: Port: Encryption: Server: smtp.mail.me.com Port: 587 Encryption: STARTTLS MSN Server: imap-mail.outlook.com Port: 993 Encryption: SSL/TLS Server: pop-mail.outlook.com Port: 995 Encryption: SSL/TLS Server: smtp-mail-outlook.com Port: 587 Encryption: STARTTLS Office 365 Server: outlook.office365.com Port: 993 Encryption: SSL/TLS Server: outlook.office365.com Port: 995 Encryption: SSL/TLS Server: smtp.office365.com Port: 587 Encryption: SSL/TLS Outlook.com Hotmail.com Live.com Server: imap-mail.outlook.com Port: 993 Encryption: SSL/TLS Server: pop-mail-outlook.com Port: 995 Encryption: SSL/TLS Server: smtp-mail-outlook.com Port: 587 Encryption: STARTTLS

Above table content coutesy by: https://support.office.com/en-us/article/pop-and-imap-email-settings-for-outlook-8361e398-8af4-4e97-b147-6c6c4ac95353

Further Improvements Required

Firewall not good at stopping the client-side attacks. Whenever the user clicks the malicious code which initiates allowed outbound connection and allowed resulting inbound connection to a user's computer.