You’ve heard it before, but it’s worth repeating: The very best security is available in layers. The main focus of this article will look at one layer of peace of mind in particular, firewall program, and dissect the differences between Intego NetBarrier X9 and the firewall that’s included in macOS Catalina, Mojave, and High Sierra.

Apple’s Mac operating system, macOS, has a firewall built-in to avoid malicious incoming connections, and you may be also utilizing it at this time, but how will it compare to Intego NetBarrier? Do both firewalls offer the same protection or perhaps is one better than another? They are all great questions that we’ll clean up, but first, let’s cover some fundamental questions you might have about firewalls.

Why will i need a firewall?

You require a firewall since the information on your Mac is valuable, not just in you but to other people as well. Names, passwords, credit card details, contact lists, tax return information, and browsing habits are just a few of the things that can be used to make a quick buck by someone with malicious intent. If someone could possibly get use of the body, most likely through hacking or the utilization of malware, such information, plus much more, can be collected and taken. This information can then be utilised by that individual directly or sold online.

The best firewall will warn you when a connection attempt is built to or from your Mac, monitoring both incoming and outgoing connections, to be able to determine if it’s something you initiated and want to let through or not. The most basic firewall is only going to prevent unauthorized applications, programs, and services from accepting incoming connections.

How does a firewall work?

All the connections designed to and from your Mac are analyzed and compared to a number of lists. An example of such a list is one with approved applications and conditions in it. Skype may be permitted to send and receive data, but only to specific ports or domains. A firewall might have different rules set up based on location; for example, at home incoming network traffic in the local network is trusted, however when you’re at Starbucks using their Wi-Fi it's not.

At home, you may want an application or tactic to accept incoming connections, but at work you might not. As the initial training of a firewall might take some interaction and time, the firewall needs to learn your preferences and behaviors. Obviously, once that’s tried it will invariably follow your rules in the background. If a connection attempt is created that doesn't follow your rules, you're going to get notified.

You mentioned a much better firewall option?

Indeed, there are great firewalls and good firewalls. You would like your firewall to watch both incoming and outgoing traffic, and unfortunately the macOS firewall only monitors incoming traffic.

Hackers, port scans and other external attacks and probes need to be blocked, but let's say your Mac was compromised by malware? Malware eventually phones home which is an outgoing connection. The macOS firewall will let such connections go with no questions asked. Let's say you need to block metric and tracking connections produced by applications? There are many scenarios in which you may want to block outgoing connections, and also to do that and also to allow more fine-tuned controls in general, the macOS firewall just isn't enough.

Enter Intego NetBarrier X9. Intego’s NetBarrier X9 firewall program works much differently than macOS’s firewall. Here is an overview of the differences between the two firewalls.

Firewall Setup

The notion that less interaction together with your software programs are better doesn't necessarily apply to security products. You want to have an easy setup and configuration process while maximizing protection.

The macOS firewall could be enabled and configured in System Preferences > Security & Privacy > Firewall, and enabling is as simple as clicking the \”Turn On Firewall\” button.

The macOS firewall includes a default configuration, which you'll pull up by clicking the \”Firewall Options\” button. Any sharing services you may have enabled will automatically accept incoming connections and also the same goes for signed software. You might recall that most malware nowadays is signed by a valid certificate, so this option should certainly not be enabled, not to mention by default. You can add or remove applications from the list and select whether or not to allow or block incoming connections.

This configuration is identical regardless of what kind of network you're on. Home, at work, or on a public Wi-Fi network, the same settings apply unless you manually use and alter them every time. This really is, of course, not ideal because different environments pose different security risks.

Intego NetBarrier X9 requires a different approach – it asks you during setup what kind of network you're on, and then it automatically adjusts security settings based on the network environment.

Each location includes its very own pre-configured settings to ensure when the setup is done you enjoy maximum protection. The next step within the setup is a small guide that teaches you what's where, and when you close the tutorial you can begin exploring and fine-tuning the firewall.

Firewall Configuration

As I mentioned earlier, the macOS firewall lets you manually add or remove applications and choose when they allow or deny incoming connections. Applications you do not add which don't meet one of the criteria will trigger a popup if they receive incoming traffic. This popup is a basic \”allow\” or \”deny\” window. That's basically the macOS firewall from beginning to end.

During setup, NetBarrier X9 already showed a selection of locations. Each location features its own configurations that you can tweak and edit til you have it exactly the way you want it. When you switch between locations, the configuration you place up will become active right away.

The following firewall settings can be configured using Intego NetBarrier:

You can choose whether a credit card applicatoin or process is allowed to receive incoming connections or create outgoing connections. If you aren't sure what the right option is, then you can set it to \”ask,\” therefore it will warn you whenever a connection attempt is made. Here is an example:

Want even more control? Click the \”Advanced\” button for additional options.

This view will show you the Ip or domain a credit card applicatoin or service is attempting to connect to or receive connections from. You can then allow all connections or just this unique connection always or once. Granular controls such as these are part of what sets NetBarrier in addition to the macOS firewall.

And it's not just applications that can be configured using NetBarrier. Services, custom domains, IP addresses and processes can all be managed too. Do not want an application or service to connect with a particular Ip and/or a specific port? You can set it up being an exception in a few clicks. Unsure which ports or protocols a process or service needs? Select it from the list while establishing an exception and NetBarrier sets up for you personally. For instance, if you want to allow your VPN connection through at all times, but don't know which ports or protocols it requires, you are able to select it from the list and all sorts of right ports and protocols are positioned up for you.

More configuration can be done in the NetBarrier preferences. Here you can set a default profile that will be used when you join an unknown network and choose if you would like signed applications or system applications to be trusted .

Feedback and logging

Knowing what your firewall is up to can be very beneficial. This can help you fix any configuration issues you may have made or any other behavior you might want to address. Feedback lets you know what's happening right now while logs demonstrate what went down previously.

The macOS Firewall provides no feedback, so that as of High Sierra, has no logs which i found. Several places were checked and several tricks were tried to get some type of logging going, but nada. This isn't an uncommon concern, apparently.

Intego NetBarrier offers both feedback and detailed logging. Feedback comes in the form of several animations that easily let you see what kind of visitors are being allowed or blocked, in addition to which applications are listening for any connection, sending or receiving traffic.

You can also have a floating window around that shows you live application feedback.

And, of course, a log can be opened up at any time that teaches you exactly what happened previously.

Full customization, feedback, logging, different location profiles with their own configurations, ability to manage not just applications but also processes and services, and also the capacity to protect both outgoing and incoming connections make Intego NetBarrier X9 a far superior firewall when compared with what’s built-in to macOS.

Apple’s macOS firewall hasn't really changed in over a decade, but the threats targeting Macs and the security needs of Mac users have continued to evolve. A firewall product must adapt to these threats and requires to meet up with today's expectations, and NetBarrier fits the bill.

Related:

  • Targeted Malware Attacks and also the Importance of Layered Protection