1.3 Do you need a firewall for your smartphone?
The typical argument is – “My computer has access to the Internet and requires a firewall. So, why not my smartphone?”
The answer is both yes and no.
There is a primary difference in the way the apps on the smartphones are used – they are typically clients accessing services from a remote server, unlike in the case of your computer, which has the capability to provide services to other users over the network. This is what is often exploited by attackers. The smartphone and its apps do not provide services to any other smartphone or computer. Therefore, there is no specific need for a firewall that filters incoming and outgoing data traffic.
However, there is ample scope for malware penetrating the smartphone and causing unwanted data traffic that is unsafe. Such traffic going out of your phone can be controlled by firewall functions available in what are termed as ‘Firewall’ apps. Some Firewall apps available for Android and iOS are listed below:
- NoRoot Firewall, NetGuard, Mobiwol for Android OS
- Guardian, Lockdown for iOS
Activity 1 Firewall
Rules play an important part in administering firewalls. The rules govern what network traffic can enter or leave your personal computer or network. Most firewalls come with some preconfigured rules, but most likely you will have to add more rules. After the rules are in place, a firewall examines all network traffic and drops the traffic if the rules prohibit it. The firewall rules may include:
- Allow everyone to access all websites.
- Allow outgoing email from the internal mail server or your personal computer.
- Drop all outgoing network traffic unless it matches the first two rules.
Now, imagine you are a network admin for an office that trades stocks and shares. These are the company’s requirements:
- You want the staff to access the internet to keep track of the stock markets and other financial information.
- You don’t want your staff to send emails to external contacts to avoid insider trading.
- Your staff should be able to communicate with each other on internal email.
Can you draft three rules to the firewall that you think would be appropriate for this company?
Note any ideas in the space provided below:
Answer
- Allow everyone to access all websites.
- Drop outgoing email to external contacts.
- Allow outgoing emails from internet mail server to internal contacts.