SecureMac, Inc.

Computer security news. Just for Macs.

Get the latest computer security news for Macs and be the first to be informed about critical updates. Industry news, security events and all you need right at your fingertips. Malware threats change daily, so keep up to date on the latest developments to help ensure your privacy and protection. You can never be too safe.

How to configure Mac OS X Firewall

Posted on August 15, 2015

Unlike the firewall settings in Windows, the built-in firewall for Mac OS X is not enabled by default. If you’ve recently purchased a new Mac computer, then you will have to go in and turn on the firewall manually if you want that protection. The steps to do so are quite simple and user-friendly, but the first question is this: do you need to enable the firewall on your Mac?

The short answer is “yes.” Apple leaves the firewall disabled by default because it can cause issues with certain applications. In most situations, though, having the firewall enabled will offer more benefits than drawbacks. It only takes one system vulnerability or rogue app, exploitable through the Internet, for your machine to be remotely accessed by a hacker. By enabling the firewall, you bring up the shields and protect your sensitive files and personal information from such a possibility. Sure, it’s probably true that the average Mac user will rarely experience a situation where their system is vulnerable in this way. Regardless, enabling the firewall is a good measure to take just in case.

What the Firewall Does

A firewall is a system that blocks or allows connections between your network ports and the applications on your computer. By monitoring these connections, the firewall is able to prevent a third party from exploiting the apps on your machine. It essentially shuts down unauthorized incoming connections before they reach your apps—all without tampering with your outgoing connections and impairing your network access.

Most Mac programs—whether they were installed on your computer as out-of-the-box apps or downloaded from a trusted developer via the Apple App Store—aren’t vulnerable to incoming connections. As a result, unless you’re running an app from an untrusted or unknown publisher or using some sort of server program where monitoring connections is actually essential, your Mac OS X firewall usually won’t be doing much.

The exception is if you are using a public network—whether in coffee shops, libraries, or airports. In such environments, you can never be sure who else is on your network and whether or not they might be looking for open ports through which to invade your computer. Just to be safe, it’s a good idea to switch on your Mac’s firewall before hopping on a public network.

Turning the Firewall On

The good news is that turning on and configuring your Mac’s firewall is a simple process. Follow the steps below to switch on the built-in firewall in OS X.

  1. Open the “System Preferences” menu and click on the “Security & Privacy” in the first row of the menu (the one with the house icon).
  2. In the “Security & Privacy” window, select the “Firewall” tab. To make changes to your settings here, you’ll have to click the lock icon in the bottom left-hand corner of the window and enter your administrator password.
  3. Click “Turn On Firewall.”

Configuring the Firewall

Now the firewall is switched on, and you can click the lock again to save your new settings. However, you can also go in and configure the firewall settings to match your unique purposes and preferences. One you have enabled the firewall, you will have the option of clicking a new button in the “Security & Privacy” window: “Firewall Options.” Click the button to begin configuring your firewall. Read on for a review of the available configuration options.

  • The first configuration option for your firewall is “Block all incoming connections.” This option is not recommended, as it will greatly impair what you can do with your machine. As Apple alerts you when you check the box here, blocking all connections will make it impossible for you to use file sharing, screen sharing, iTunes sharing, and basically any other type of sharing program—be it Dropbox or uTorrent.
  • The second option is “Automatically allow signed software to receive incoming connections.” Selecting this option will allow virtually all of your apps to behave normally, but will block incoming connections for apps without a valid certificate. Since most of your programs are probably either default Mac installations or downloads from the App Store, checking this box won’t actually have much of an effect on you.
  • The third configuration is “Enable Stealth Mode.” It’s a good idea to check this one, even if you don’t select either of the other two options. Stealth mode will make it so no one can scan your ports or ping your machine, which will essentially make your computer a tougher target for hackers trolling public networks.

In addition to these three options, if you are currently running any sharing software, you will see those programs listed in the white box beneath the “Block all incoming connections” checkbox. From this list, you will be able to decide on a program-by-program basis the apps that can accept incoming connections and those that can’t.

Once you’ve made your configurations, click “OK” to close the “Firewall Options” window, and then click the lock in the initial “Firewall” window to save your settings.

Conclusion

While the built-in OS X firewall won’t provide a ton of extra protection for the average Mac user, it can be useful for people who use sharing apps or access public networks on a regular basis. Just don’t treat firewall like the “be all, end all” of your computer security. If you want to be truly protected, it’s a good idea to lock your computer down with antivirus software, and some Mac experts even recommend looking into more powerful third-party firewalls as an extra precaution.

Share on Facebook0Tweet about this on TwitterShare on Google+0Email this to someonePrint this page

Join our mailing list for the latest security news and deals