Software Firewall Issues:
There are several issues that commonly affect software-based firewalls.
Firewall Issue and Description
Disabling: Because it is not integrated into a hardware device, a software firewall can be disabled by mistake. Reserving this power to Administrators and Power Users can safeguard against this.
Open ports: Because it is sometimes difficult to configure FTP or other network communication through a firewall, administrators may err on the side of permissiveness and open ports that create holes in their security perimeter.
LAN and VPN traffic: Software firewalls need to be configured to allow for valid internal LAN traffic so that normal network traffic is not misinterpreted as an attack. The firewall must also work correctly with any VPN software in use.
Firewall conflicts: Multiple software firewalls can conflict with each other, causing Internet connectivity issues or other unexpected behavior.
Program dependencies: To work correctly, some programs, especially peer-to-peer applications, need to have specific ports open so that traffic can pass through the firewall. Some programs will fail until the software firewall is reconfigured.
Outgoing traffic: If a firewall controls only incoming traffic, damage can be done to the network and other computers by malicious outgoing traffic produced by spyware, viruses, and Trojan horses that phone home or send out a stream of attacks.
User errors: Some personal software firewalls will ask the user whether to allow particular traffic, and then learn from the pattern of responses over time. As a result, user error can create security vulnerabilities. This can occur especially in cases where the software generates a large number of alerts, as the user may start to accept more traffic to avoid the nuisance.
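
The Disabling, Open ports, LAN traffic and Outgoing traffic rows above can be checked mechanically. The following is an added example, not part of the original page or of any firewall product: it audits a constructed, vendor-neutral policy, and the policy layout, the WIDE_RANGE threshold and all rule names are assumptions made for illustration.

```python
# Added example: audits a constructed firewall policy for three issues from
# the table above: Disabling, Open ports, and Outgoing traffic.
# The policy layout ("enabled", "default_outbound", "lan", "rules") is hypothetical.
import ipaddress

WIDE_RANGE = 100  # assumption: an inbound allow covering more ports than this is too permissive

def port_count(spec):
    """Number of ports covered by 'any', a single port '21', or a range '6881-6999'."""
    if spec == "any":
        return 65535
    lo, _, hi = spec.partition("-")
    return int(hi or lo) - int(lo) + 1

def is_internal(source, lan):
    """True when the rule's source network lies wholly inside the LAN network."""
    if source == "any":
        return False
    return ipaddress.ip_network(source).subnet_of(ipaddress.ip_network(lan))

def audit(policy):
    findings = []
    if not policy["enabled"]:
        findings.append("Disabling: firewall is turned off")
    if policy["default_outbound"] == "allow":
        findings.append("Outgoing traffic: outbound connections are not filtered")
    for r in policy["rules"]:
        if r["direction"] != "in" or r["action"] != "allow":
            continue
        if is_internal(r["source"], policy["lan"]):
            continue  # valid internal LAN traffic is expected to be allowed
        n = port_count(r["ports"])
        if n > WIDE_RANGE:
            findings.append(f"Open ports: rule '{r['name']}' opens {n} ports to {r['source']}")
    return findings

# Constructed sample policy, not taken from any real product export.
SAMPLE = {
    "enabled": True, "default_outbound": "allow", "lan": "192.168.1.0/24",
    "rules": [
        {"name": "file-sharing", "direction": "in", "action": "allow", "source": "192.168.1.0/24", "ports": "any"},
        {"name": "ftp-passive", "direction": "in", "action": "allow", "source": "any", "ports": "1024-65535"},
        {"name": "ssh", "direction": "in", "action": "allow", "source": "any", "ports": "22"},
    ],
}

if __name__ == "__main__":
    for line in audit(SAMPLE):
        print(line)
```

The LAN file-sharing rule is skipped because its source sits inside the declared LAN, while the wide FTP passive range open to any source is reported.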