The Alpha-Shield Personal Hardware Firewall is being touted as a true plug-n-play, hardware firewall solution that is easy to install for any broadband connected computer. Lets look closer at what types of firewalls exist for the home user.

What is a Firewall?
A firewall is a computer protection system that resides between your computer or computer network and the dangers of the Internet. When installed correctly, a firewalls job is to prevent unauthorized use and access to your computer and/or computer network. A firewalls main job is to analyze all data entering and exiting a network, searching for and blocking unwanted processes based on the way the user has his or her configuration for the network set. A firewall performs an important role as it provides a protective "firewall" barrier against the most common forms of internet attacks against computer networks.
Firewalls fall into two main categories.

Hardware & Software Firewalls

A firewall can be either a hardware or software component, and ideally a firewall solution would consist of both types of firewalls, with the initial barrier being the hardware type and the secondary line of defense being the software type.

While many people do not completely understand the importance and necessity for a firewall, or consider it to be a product for businesses only, the truth is that if your network or computer has access to the the Internet then you really need have some sort of firewall to protect your computer and/or network from attack, being part of a denial of service zombie network (trojans), identity theft and general data theft.

To test your firewalls security, you can purchase third-party test software or search the Internet for a free online-based firewall testing service. Firewall testing is an important part of maintenance to ensure your system is always configured for optimal protection. The two that we use are the free security testing sites from Gibson Research (grc.com, shieldsup) and Symantec's (security.symantec.com) .

Because it's not physically on your machine, a hardware firewall is somewhat less vulnerable than a software firewall.

Software firewalls give you the level of protection you need to keep safe from hackers and other unwanted intrusions because software is far easier for computer novices to customize. The features are suited for smaller home networks.

Some top software firewall packages also include anti-spam, anti-virus, even anti-popup ad software. Some software firewalls are flexible enough to incorporate your existing anti-virus software into its firewall program. Some software firewalls also include parental controls to manage what kinds of websites your children visit.

Up until now, Hardware firewalls had been best suited to businesses and large networks; while software firewalls have been best suited for the home user who wants easy customization.

 

Hardware Firewalls
Hardware firewalls can be purchased as a stand-alone product but more recently hardware firewalls are typically found in most broadband routers, and should be considered an important part of your system and network set-up, especially for anyone on a broadband connection. Hardware firewalls can be effective with little to no configuration, and they are able to protect every machine on a local network. A hardware firewall uses packet filtering to examine the header of a packet to determine its source and destination. This information is usually compared to a set of predefined or user-created rules through a configuration user interface that determine whether the packet is to be forwarded or dropped.

A computer user with general computer knowledge can plug in a firewall, adjust a few settings and have it work. To ensure that your firewall is configured for optimal security and protection however, consumers will no doubt need to learn the specific features of their hardware firewall, how to enable them, and most importantly, how to test the firewall to ensure it's doing its' job of protecting your network.

Software Firewalls
For individual home users, the most popular firewall choice is a software firewall. Software firewalls are installed on your computer (like any software) and you can customize it; allowing you some control over its function and protection features. A software firewall will protect your computer from outside attempts to control or gain access to your computer, and depending on your choice of software firewall, it could also provide protection against the most common Trojan programs or e-mail worms. Many software firewalls have user defined controls for setting up safe file and printer sharing and to block unsafe applications from running on your system. Additionally, software firewalls sometimes incorporate many privacy controls, web filtering and more. The downside to software firewalls is that they will only protect the computer they are installed on, not a network, so each computer will need to have a software firewall installed on it.

Routers as Firewalls

Routers sort data packets from the Internet and direct them to one or more computers or peripherals on local networks. They assign a unique local address to each connected unit, but all external Internet traffic seems to come and go from the router's single address. That prevents a simple attack on the PCs behind the router, but it's possible to bypass simple address translation devices.

Most current routers include real firewalls that block unauthorized data packets flowing in or out of the network. Most of them operate as simple packet filters, which provides a weak hardware firewall.

Good firewalls, the hardware and the software kind, use "Stateful Packet Inspection" (SPI) which examines the content of packets, not just packet addresses and ports, to block or permit packet transfer.

AlphaShield® Home Edition is the next generation in network security. It is a stand-alone external hardware device that utilizes cutting edge technology to stop hackers and network attacks before they can access your computer. AlphaShield® Home Edition monitors all inbound and outbound data transmissions between your computer and the outside world. It does all this seamlessly, while maintaining your Internet connection.

AlphaShield® Home Edition has many advanced features that make it a bulletproof security device such as:

Unique “GAP” technology (Trademark: AlphaGAPTM)
RPA (Real-time Packet Authorization)
IP Stealth Technology (Makes your computer invisible to hackers)
Stand-alone hardware sentry
Manual Mode (Timed connection with a logical disconnect)
Auto Mode (Continuous connection with an optional logical disconnect)
Lock Mode (Timed connection with a physical disconnect)
Instant manual connect/disconnect function
Auxiliary Port for other IP devices such as VOIP
Blocks all 65,536 ports for both TCP-IP and UDP communications
Stops most third party pop-ups
True plug n' play installation and operation
No technical knowledge needed for setup and installation; less than 1 min. setup
No future software patches or upgrades required
Functions with all operating system platforms
Compatible with Cable, xDSL, or ISDN
Firmware immune to viruses and alterations
No conflicts with existing firewalls or routers or any other security softwares
Eliminates DOS (Denial of Service) and DDOS (Distributed Denial of Service) attacks
Provides 24/7 online protection
AlphaShield® Home Edition utilizes three technologies to achieve a level of security which surpasses all.
AlphaGAPTM technology is the first of its kind in the security market which allows the user to physically or logically disconnect or reconnect seamlessly.
IP Stealth Technology creates a two-way mirror whereby you can see everyone, but no one can see you. Even if everyone on the internet has your IP address, your computer is invisible or non-existent to everyone. You are only visible to the person whom you are communicating with in real-time.
AlphaShield's Real-time Packet Authorization uses an Artificial Intelligence Infrastructure to determine what is allowed or not allowed in your computer. Blocks all 65,536 ports in your computer, and only opens ports to IP specific destinations.

AlphaShield® Home Edition will create a tunnel between your IP addresses and the destinations' IP addresses and will only allow the requested information to enter your computer through the specified port.

One fact that we would like to be clear on is that the AlphaShield is not a NAT (Network Address Translation) router. This means that it does not provide internet connection sharing. Instead it uses three technologies to work its internet security called AlphaGAP, IP Stealth and RPA (Real-time Packet Authorization). AlphaGap just refers to the units ability to completely stop data flow between the internet and host computer, just as if you physically disconnected your computer from your broadband modem by pulling the ethernet cable from it.
IP Stealth means that AlphaShield will discard any ICMP messages it receives from pings or traceroutes. The result of this is that scans directed at your IP address assigned by your ISP won't receive any response and just continue looking for their next victim. The RPA (real-time packet authorization) allows only requested information into the computer, keeping all unsolicited visitors out.
The AlphaShield's comes with an informative product box, user manual and in a small silver and charcoal plastic enclosure. On the front edge of the unit are the Outbound, Connection and Inbound LEDs - to provide indication of the AlphaShield's operating state. There is no software interface to view or configure, but there is a downladable interface for customization from the AlphaShield website called ACU (AlphaShield Configuration Unit) . When connected the AlphaShield doesn't get an IP address and doesn't even have a MAC address which is pretty neat given the test results later in our review.

The back panel on the unit has from left to right, a Cable/DSL port to connect the cable from your broadband router; an AUX port, the three position Mode switch (manual, auto and lock), the PC port to connect the computer into, and the power port for the AC power.

The AUX port is where you can plug a computer or device that will bypass the protection afforded by the AlphaShield which is the equivalent of putting the attached device into the DMZ on a NAT-based router.
The Mode switch's Lock and Manual positions both disconnect (using AlphaGAP) the attached device after approximately 15 minutes of system inactivity, which also includes if you are downloading large files. The unit will not disconnect you during your file transfer. The difference between the Lock and Manual switch settings is that the Manual position will retain the IP address leased from your ISP's DHCP server while the Lock position will eventually release it .
The default configuration is the Auto setting in the middle which has no idle timeout and seemed to be the best choice for most users in our honest opinion.

Regardless of the mode you select, you will have to press the blue "connect" button that forms the left side of the "S" to get the AlphaShield to let you connect to the internet, and the grey "disconnect" button should you want to disconnect your internet connection or at the end of your internet session in the Auto mode. The middle LED glows red when you're not connected and has a small connection symbol above it, and will glow gree when you are connected.

Testing the AlphaShield

We port-scanned the unit using both ShieldsUp from grc.com and Symantecs security online scanner for internet security. The unit resulted in no active responses to any of the probes on the full range of all ports from 1 thru 65535. We noticed that during these tests the internet LED light (Globe symbol above it) flashed red indicating that it was actively blocking all attempts and the unrequested port scan packets from the sites we used. Multiple runs of these tests resulted in a true Stealth return from the websites indicating that we were invisible over the internet as our mchine returned no indication on any of the ports to say that there was a machine at this ip. Kinda like probing a blackhole in space, you get no returns. This result was extremely pleasing to find out and a good result for anyone purchasing the unit, as the AlphaShield definitely provides an effective firewall solution that is truely plug-n-play.

We checked our bandwidth before connecting the AlphaShield using SpeakEasy's bandwidth speed test, and after connecting it to our test system, and found that we did have a slight drop in bandwidth performance as a result of connecting it inline to protect the test system. The cost of slightly lower bandwidth for the total protection though is well worth it. Let me also state that in past tests, it was very hard to find a router or firewall that does not hinder connection bandwidth in some way.

Conclusion
With routers currently available at $50 or less, a price which normally includes four to five 10/100 ports with a built-in switch and that provide essentially the same level of protection, we felt that the AlphaShield's $99 pricing is a tad high.
The AlphaShield can be the ideal solution though for protecting anyone that is not computer savy that you may know and that have their computer directly connected to their broadband connection with its' easy to setup, no software to install, and no interface approach to complete protection.