If you have a wifi router, you likely already have a measure of protection from intrusion in the form of a built-in hardware firewall. Additionally, you may have a software firewall built into your operating system, such as Windows Defender for Windows users. According to the AV Test Security Report 2017/2018, Windows is by far the most attacked operating system, so built-in protection makes sense.
However, these firewalls aren’t perfect and you may find yourself in need of extra protection. And it’s not just Windows users who should be concerned. No operating system is immune to attack, so no one should be complacent about the vulnerability of their internet-connected devices.
Installing antivirus software as well as an additional firewall is your best chance of keeping your equipment malware-free. Thankfully, you don’t have to break the bank when it comes to third-party software, or even pay a penny. We’ll cover each firewall in detail, but if you’re just looking for a quick list, these are the best free firewalls:
- Sophos XG Firewall Home Edition
- ZoneAlarm Free Firewall 2019
- AVS Firewall
- Avast Free Antivirus
- Comodo Free Firewall
- Outpost Firewall
- OpenDNS Home
The following sections will explain what each of these has to offer:
The Best Free Firewalls of 2019
You don’t need to pay for a top quality firewall because some of the leading cybersecurity companies produce free software that will protect your computer.
Here’s our list of the best free firewalls for 2019:
Sophos is a rising star in the cybersecurity industry and its excellent business protection software is also available for home use. This security system is unusually advanced compared to the standard firewall software. It isn’t just a computer security system, it is a network security system.
Given that most homes now run multi-user wifi networks, the Sophos approach to whole home cybersecurity coverage is a concept that is long overdue. Essentially, you get all of the system protection controls that you would for a business, but for your home network.
That being said, there is a major infrastructure requirement of this free firewall that may put you off. Sophos XG has its own operating system (OS) and when you install it on a computer, it wipes out the existing OS and all software installed on that device. You won’t even be able to reinstall your Windows-compatible software once the Sophos XG OS is running. The host computer needs to have four cores and 6 GB of RAM.
If you have a spare computer, then this firewall option is light years ahead of the competition. It includes anti-malware, and gives you web security, connection privacy, and URL filtering. Within the network, you get application control, an Intrusion Prevention System (IPS), and traffic-shaping features. The console includes a network monitoring and reporting dashboard, providing all the system management facilities that large companies enjoy on their networks.
ZoneAlarm Free Firewall installs on Windows 7, 8, 9, and 10. This system has some great extras, which makes it a good choice for home wifi networks and laptops that connect to the internet in public places. All you need to install it is an internet connection for the download and an email address for the activation.
The firewall includes a “stealth mode” which protects your connections from hackers, includes identity protection services, and blocks malware. If you are in the US, you can call on the company for victim recovery assistance in the case of identity theft.
The software will add an extra layer of protection to your connections when you connect to public wifi hotspots and it assesses the security of your home wifi network to improve protection from attacks. It updates itself automatically, so you benefit from an up-to-date threat protection database.
3. AVS Firewall
The AVS brand is owned by Online Media Technologies Ltd. However, the company doesn’t make its firewall software easy to find on its website. Alternatively, you can download it from Tucows or Softpedia among other free software distribution sites. This firewall runs on all versions of Windows from XP to Windows 10.
The firewall will block incoming connection requests and it includes other security measures. These include the ability to select which applications on your computer are allowed to connect to the internet and a security level feature. The software monitors activity in the registry and blocks alterations. This is a very important protection measure against worms and persistent malware.
The AVS Firewall provides surfing protection as well as system security. These measures include an ad and popup blocker and parental controls. You can allocate bandwidth usage limits to devices, applications, or programs.
Avast is a major player in the antivirus market and its AV software packages include firewalls. The company produces a free antivirus package that will give your home computer complete protection from cyber attacks. This software runs on Windows, MacOS, and Android.
The antivirus module of this package includes live updates for the threat database which gives you instant coverage when the company discovers a new virus. The software also creates a Sandbox environment on your computer. This is useful if you like to download new software from untrusted sources as you can try out your new utility without the risk of it releasing hidden viruses onto your computer.
Wifi security in this package monitors for intruders and network weaknesses, and online protection includes a password locker and fake site detection that guards against DNS hijacking.
Comodo is an award-winning cybersecurity software house that produces a firewall for all versions of Windows from XP through to Windows 10. The paid firewall has a free alternative, which the company claims is the world’s #1 free firewall.
As well as blocking incoming connections, this software package will monitor your computer for ongoing threats, with a constantly updated threat database. The monitor alerts you in real-time to detected risks. You get a Sandbox environment for any new software you download to protect from hidden viruses. The system uses AI to build up a profile of normal operating behavior on your computer so that it can block suspicious activity. You can choose to block specific applications from accessing the internet while the software monitors all outgoing traffic as well as inbound data.
Other features include a browser cleanup utility and a games mode to enable interactive applications to operate over the internet.
The developer of TinyWall, Károly Pados, came up with the clever idea of producing an enhancement for the native Windows firewall, Windows Defender. So, unsurprisingly, this utility is only available for Windows.
The ethos behind the development of TinyWall is that it should be unobtrusive. The program runs all the time and shows as an icon in the system tray. You click on the icon to view the popup menu of the system. This means that threat information is available on demand. The good point about that is that you won’t get your computer frozen by an overlay when you are in the middle of something. However, on the downside, threat alerts are easy to ignore, which is a risk.
As a free utility that’s meant to be lightweight (it only takes up 1 MB of space on your hard drive), this firewall doesn’t have many features. You can whitelist applications to prevent your important programs from being blocked, but that’s about it.
The maker of Outpost, Agnitum Ltd, was sold to Yandex, the Russian Google, in 2017 and at that point shut down its own website. You can’t get this firewall directly from the company anymore, but it is available from software distribution sites, such as Filehippo and Softonic.
You might wonder why a seemingly abandoned firewall is on this list. It’s here because it deserves to be. Agnitum licensed its firewall to other security companies, so this is actually the firewall that you get from other big name cybersecurity providers, including Sophos. Although the paid Outpost Firewall Pro is no longer supported, the free firewall is still going strong.
Features of this excellent security utility include automatic whitelisting for well-known software, an anti-leak module that blocks suspicious outgoing messages, a file and folder lock, and an ad and popup blocker for web surfers.
GlassWire is network monitoring software as well as a firewall, and it’s free to use. This package installs on Windows 7, 8, and 10. Although this software would be ideal for a small business network, it’s also marketed for home use. The firewall can be set up with several profiles so it behaves differently in each given scenario. For example, you can have a home network setting and a public wifi profile.
As well as blocking incoming connections, the suite enables you to monitor bandwidth usage, throttling some apps to make more bandwidth available to key applications. The traffic management functions go down to port number, program, and process.
The monitor is always on and it tracks all activity on your computer, looking for suspicious anything suspicious. Like TinyWall, the firewall functions of GlassWire are actually just a management interface to the native Windows Defender.
Privatefirewall is a product of Privacyware. The company’s feature product is ThreatSentry, a security system designed for business networks. The company is not so interested in Privatefirewall anymore and it doesn’t even mention the product on its own website. However, you can download it for free from software distributors, such as CNet, and Softpedia. The program will run on Windows from XP up to 8.1 – there isn’t a version for Windows 10.
As well as being a firewall, this utility is a host-based intrusion detection system. It examines the log files on your computer to look for worrying events. It will also protect those log files from unauthorized alteration or deletion, which is a track-covering trick that some malware uses.
The regular firewall features of this suite include whitelisting and blacklisting functions, as well as content privacy controls such as text copy shutdown and clipboard monitoring. The interface for the firewall is a popup context menu that you activate by right-clicking on the program icon in the system tray.
The tool will also monitor email activity, disable infected or banned websites from loading, and block internet activity from a specified address.
10. OpenDNS Home
OpenDNS is a business network security system that also has a free Home edition. This firewall covers all of the internet-active devices in your home, including DVRs and smart TVs, computers, tablets, and smartphones. It’s a great choice for families because it includes parental controls.
This system is cloud-based, so you don’t have to install any software. Instead, the service changes your router settings to channel all of your internet traffic through the OpenDNS server. This is what the industry calls an “edge service” and it will also protect you from other hacker actions, such as DDoS attacks.
Do I need a third-party firewall?
Businesses religiously install firewalls to protect their resources from attack (see Best Web Application Firewalls), but the general public has become less interested in this form of protection. A big reason for this complacency is that protection is often built in to devices.
At home, wifi routers offer protection against attack from the internet in the form of a hardware firewall. However, the advent of Trojans means that this incoming connection request block is no longer enough; Trojans will open up outgoing connections back to base and invite in other viruses.
Popular operating systems often come with their own software firewall, such as Windows Defender in newer versions of Windows. However, this is a rudimentary firewall that could do with a lot more options, which you get with third-party firewalls.
Note that if you do have firewalls built in to your router or operating system, you need to make sure they’re enabled. A disabled firewall is as useless as not having one at all.