Why everyone should run a firewall

In today's hostile Internet environment, running a firewall on your desktop or laptop computer is one of the best things you can do to protect your system, and is just as important as running anti-virus software.

All computers connected to the Internet are continually being probed and scanned for vulnerabilities that might allow a virus, worm, or hacker to install malicious software and damage or take control of your system. A firewall monitors network traffic into and out of your system and attempts to block connections that appear to be hostile.

We strongly recommend that all desktop and laptop systems at Cornell run a firewall.

Symantec Endpoint Protection does not provide a mechanism for pre-configuring the Firewall component for un-managed clients. By default, it does not block network traffic for un-managed clients and if you do configure it to block network traffic, it does not automatically prompt for permission to Allow or Deny network access to an application. This means it's difficult to know which traffic is being blocked. The Windows (XP/Vista) built-in Firewall blocks incoming network traffic and Windows Vista also enables you to configure blocking of outbound network traffic. CIT recommends using the Firewall built into Windows. If you prefer to work with the Symantec product, you can download it from:  http://cufs.cit.cornell.edu/firewall/current/client/sep_fw_windows.exe .