Each new Mac comes with the built-in firewall turned off. If Apple’s engineers think the Mac is so secure then why bother with a firewall at all? Or, why bother to turn it off if firewalls are actually useful (and they are)?
A couple of months ago I wrote about Murus for the Mac; a third party user interface app for the built-in OS X firewall. What you get, starting at free, and going up to a full-fledged graphic user interface for the Mac’s firewall, is an elegant way to control the Mac’s various communication ports.
A little paranoia about security and privacy goes a long way to protect files on your Mac, but so does convenience. So, the folks who publish Murus also publish Murus Menulet, a firewall status utility which is visible in the Mac’s Menubar.
The Menulet is visible in the Menubar, displays the current firewall status, and has controls to open Murus itself. By the way, Murus is not a firewall applications. It’s merely a user interface which enables a graphical front end to the firewall Apple includes in OS X.
Murus Menulet is also free. All it does is tell you if the firewall is running by displaying the current packet filter status. That’s geek talk but it’s also a quick way to make sure the firewall is doing what you think it is doing without opening up Murus or hitting terminal.app to check.
Not bad for free, right?
Now, on to a slightly more important question. If a firewall is so useful, and OS X comes with a built-in software firewall, then why doesn’t Apple bother to turn it on? That’s a good question. The way OS X’s services are constructed hacking into a Mac from a remote location still isn’t easy, but I view security with a bit of paranoia so every Mac I own or manage has the firewall turned on.