Which third-party firewall app is right for you?
us.norton.com/macintosh-internet-security/
Requires Mac OS 10.4.11 or later; 512MB RAM; 250MB HD space
$79.99 for one year of virus protection updates
Norton’s location-aware features make network-hopping more secure.
A firewall is just one part of Symantec’s security package that protects your Mac from viruses, phishing sites, and other nasty surprises online. It offers many more options than OS X’s firewall for controlling incoming and outgoing traffic, including the ability to rule ranges of IP addresses as trusted or blocked. Travelers and other frequent network-hoppers will enjoy location-specific settings that offer different levels of protection based on the currently active network (such as Home, Work, and Traveling). Like OS X, Norton’s advanced settings let you customize options for specific apps and services, but a rule creation assistant makes it easier for networking newcomers. That’s a good thing, since directly editing rules requires a few more clicks than we’d like. But once your firewall is set up the way you want it, a graphical central window shows the past seven days of significant network events and lets you toggle important settings (including those cool location settings) with just a few clicks.
Open Door Networks DoorStop Xopendoor.com/doorstop/
Requires Mac OS 10.5.8 or later (10.6.7 recommended)
$49.00
DoorStop X’s clean interface and great documentation make protecting your Mac easy.
A standalone app, DoorStop X combines powerful firewall features with a straightforward Mac-like interface that’s easy to use. A setup assistant kicks things off by letting you block all services or just the ones you want from a list of common choices. Once you’re set up, the main DoorStop window shows clearly which services are affected and how, thanks to handy lock icons that indicate their status. Selecting a service lets you customize its traffic settings globally, or by IP addresses and more, with a few clicks. More complex customizations, like changing a service’s ports, are also available. But the most impressive feature may be DoorStop’s exhaustive documentation, which goes miles beyond OS X’s skimpy firewall help files. You can just select a service and quickly view related networking topics, from dense technical background to practical, plain-language advice about setting up your firewall. A location feature also lets you create and save firewall settings for use on specific networks when you’re on the go.
Objective Development Little Snitch 2.4.4obdev.at/products/littlesnitch/index.html
Requires Mac OS 10.4 or later
$29.95
If you want to get to your tweets, you’ve got to go through Little Snitch.
While other firewall applications focus on keeping the wrong traffic out, Little Snitch keeps an eye on the network traffic that’s leaving your Mac. That way, it can alert you when malware or other processes might be trying to contact the outside world. Little Snitch includes built-in rules for common applications and services, and you can create your own, toggle them on or off, and sort them in a convenient iTunes-like window. Creating rules from scratch (allowing or blocking apps’ access to particular IP addresses, hostnames, points on your local network, and more) can get technical for novice users, but Little Snitch also lets you create rules on the fly. As you use your Mac, outgoing traffic not already covered by a rule triggers an alert. The app responsible is clearly identified, and Little Snitch asks how you want to proceed with a wide range of options. Your response creates a rule that can be edited later. Combined with a traditional firewall, these rules can effectively double your Mac’s protection against network threats—both inside and out.
Junecloud Firewall Switchjunecloud.com/software/mac/firewall-switch.html
Requires Mac OS 10.5 or later
Free
One of these widgets can make your Mac more secure.
When it comes to computer security, simpler tends to be better. After all, easy-to-use features are more likely to get used, right? That’s certainly the logic behind Firewall Switch, a one-button Dashboard widget that displays the status of OS X’s built-in firewall and lets you change it with a click (okay, a few clicks. And it works best if you’re not running Dashboard as a space). A gray icon means your firewall isn’t running; a blazing orange icon means the firewall is active. Clicking the icon launches System Preference’s Security & Privacy pane, where you can enter your admin password to automatically activate or deactivate the firewall (any changes to your firewall settings are usually made in System Preferences). For even more network-security-shortcut goodness, you can set Firewall Switch to open the Sharing preference immediately after the firewall is activated. You can even double-click the icon to go directly to Sharing if you like. Hey, anything that makes Mac security easier is pretty nifty in our book. If nothing else, Firewall Switch just may give you a reason to visit Dashboard again.
Intego VirusBarrier X6intego.com/virusbarrier/
Requires Mac OS 10.5 or later; 40MB HD space
$49.95 for up to 2 Macs for 1 year of virus protection and software updates
VirusBarrier’s animations make it clear what’s happening on your network.
Like Norton’s security suite, VirusBarrier offers a package of virus, phishing, and malware protection tools in addition to a firewall to help keep your Mac secure. Unlike Norton’s offering, VirusBarrier contains all its features in a single window, so it’s easier to see what’s happening with your Mac. Its firewall component comes with built-in settings (ranging from no network restrictions to strict client or server modes) that should cover most average uses, and you can create your own custom settings. Building rules for apps and services is relatively straightforward thanks to simple (if slightly un-Mac-like) pull-down menus that let you define the source and destination of the traffic you want to manage and which services are affected. But choosing applications from VirusBarrier’s out-of-date list (Napster and Diablo—really?) is too clunky to recommend compared to other firewalls. But once created, rules can be activated according to set schedules, and you can save collections of settings as configurations for different networks.
Hanynet NoobProof and WaterRoofhanynet.com/applications/index.html
Requires Mac OS 10.5 or later
Free
NoobProof can manage your Mac’s network traffic from one window.
The firewall interface in the Security & Privacy preference pane works, but it’s pretty simplistic. Managing networked features in other applications (like iTunes and iPhoto sharing) requires, well, trips to those applications. What do you do? With NoobProof, you can manage how your Mac handles its networking traffic in one place. It’s a graphical front-end for OS X’s firewall and various sharing features that may look a little rough around the edges, but it lets you customize access to your network traffic with much more flexibility than Cupertino allows. Experienced networkers can jump right in and edit connections manually, but a setup wizard is available to walk new users through an initial setup that, like those in other firewall apps, can be changed later. But fans of slick graphics and friendly icons may want to stay with OS X’s default controls; NoobProof is strictly a text-and-checkbox affair. For even more powerful firewall management, the developer also offers WaterRoof (get it?), which adds tools more suited for die-hard networkers who want to turn a spare Mac into a dedicated router.
