If you can take anything away from this post, it’s to implement both tools!
It’s a common misconception that anti-virus software and firewall software are meant for the same purpose; however, they are two different, complimentary security applications that can be run simultaneously. What’s the difference?
Anti-viruses work at a “file level” – it will scan files to prevent, detect and remove malware (malicious software) that is either already installed in your system, or are about to be installed in your system. Updated anti-virus software can protect against: browser hijackers, ransomware, keyloggers, backdoors, trojan horses, worms, spyware, adware and many other forms of malware. Depending on the software, it can quarantine, permanently remove files/applications, fix them, etc. It usually runs daily/weekly/ad hoc scans on the system and reports the threats, the fixes, and the number of clean files that were scanned. Anti-virus software should be frequently updated, so that it can detect new forms of malware.
Firewalls, on the other hand, act as a sieve – blocking specific data from coming into, or leaving a network. They are also a security software, but instead, work at the network-level or at an application level. Network firewalls screens traffic between two or more networks (i.e. an internal network and an external network – like the internet). Host-based firewalls provides a layer of software on one host that controls network incoming and outgoing network traffic.
Still not convinced? Check out the article 10 Signs You Should Invest in Security for more information.
For more information on ways to manage risk and vulnerabilities, check out Uzado’s Whitepaper: Risk-Based Approach to Vulnerability Remediation