A firewall is recommended to prevent access to your system from outside via the network. By selectively limiting network traffic, it not only blocks unwanted attacks from outside but, where the system has already been infected, can also stop the malware from "calling home" and, amongst other things, downloading further malware or transferring your own system data to the attacker.
There are two fundamentally different types of firewall: hardware-based and software-based.
Hardware-based firewalls are physically positioned between the internet connection and a network that is to be protected as a whole. They logically separate the internal network to be protected from an external network (the Internet). Many DSL routers already have basic firewall functions.
Software firewalls are already integrated in current operating systems, although these built-in firewalls do not always have the comprehensive functional scope of separate firewall software. Firewall software is installed directly on the PC to be protected and controls the network traffic to and from that system. This type of firewall is also referred to as a "desktop firewall" or a "personal firewall".
The firewall uses a special rule set to determine which network packets may pass and which are blocked. The distinction between permissible and blocked packets can be made using various criteria. On the one hand, IP addresses and port numbers can play a role; on the other, the decision as to whether a connection is permissible can be based on the application that initiates the connection.
If a connection is attempted that is not covered by the rule set then, depending on the firewall defaults, an interactive dialogue gives the option of creating a new rule. In the future, this rule then automatically permits or blocks the connection without any further query. How this is handled depends, of course, on how strictly the firewall is configured.
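The rule evaluation described above, as an added example that is not part of the original page and is not G DATA's code: a rule set matched on direction, remote address, port and application, with a configurable default for connections no rule covers and a learn() step standing in for the answer given in the dialogue. First-match ordering, all names, the sample rules and the addresses are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                        # "allow" or "block"
    direction: str                     # "in" or "out"
    remote_net: str = "0.0.0.0/0"      # any IPv4 address by default
    ports: range = range(0, 65536)     # any port by default
    application: Optional[str] = None  # None matches every program

@dataclass(frozen=True)
class Connection:
    direction: str
    remote_ip: str
    port: int
    application: str

def matches(rule: Rule, conn: Connection) -> bool:
    return (rule.direction == conn.direction
            and ipaddress.ip_address(conn.remote_ip) in ipaddress.ip_network(rule.remote_net)
            and conn.port in rule.ports
            and rule.application in (None, conn.application))

def decide(rules, conn, default="ask"):
    """First matching rule wins; an uncovered connection gets the default."""
    for rule in rules:
        if matches(rule, conn):
            return rule.action
    return default

def learn(rules, conn, answer):
    """Store the dialogue answer as a rule for this program, direction and port."""
    new_rule = Rule(answer, conn.direction,
                    ports=range(conn.port, conn.port + 1),
                    application=conn.application)
    return rules + [new_rule]

# Constructed sample rule set and connections (documentation address ranges).
RULES = [
    Rule("allow", "out", ports=range(443, 444), application="browser.exe"),
    Rule("block", "in"),  # nothing unsolicited from outside
]
WEB = Connection("out", "203.0.113.10", 443, "browser.exe")
PROBE = Connection("in", "198.51.100.7", 3389, "svchost.exe")
CALL_HOME = Connection("out", "203.0.113.50", 8080, "unknown.exe")

if __name__ == "__main__":
    for conn in (WEB, PROBE, CALL_HOME):
        print(conn.application, conn.direction, decide(RULES, conn))
    print(decide(learn(RULES, CALL_HOME, "block"), CALL_HOME))
```

With the default set to "ask", the outbound connection from the unknown program triggers a query; once the answer is stored, the same connection is decided without one.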
As confirmation dialogues may overload users, particularly inexperienced ones, with requests during the start-up phase, the firewalls contained in the G DATA security products offer a so-called autopilot mode. If this is activated, the inquiry dialogues are dispensed with. The firewall then decides, in conjunction with the virus scanner, whether an application may create network connections: the process that wishes to create the connection is first checked by the virus scanner. Online gamers also benefit from the autopilot function, as the connection between the game software and the gaming server can be made without the player having to leave full-screen mode to confirm a firewall dialogue. At the same time, only legitimate connections are permitted; attackers who wish to access the computer from outside have to remain outside.