This month’s Macworld magazine features an article on personal firewall options for Mac OS X. Entitled “Mac Security: Firewalls,” with sub-title “Do you need more than the firewalls built into OS X?” the article is an excellent introduction to the topic, but overlooks one key item.

The article starts out with a number of important points:

1. • Macs aren’t immune to Internet-based attacks
   

2. • There are computers out there that do nothing but look for vulnerable machines, and these will at some point find your Mac
   

3. • When you’re at a WiFi hotspot, you’re particularly vulnerable.
   

The article then points out how Mac OS X has two different firewall technologies built in : ipfw and Leopard’s new application firewall (which the article refers to as a “socket firewall”). ipfw is off by default, in deference to the application firewall, which the article accurately points out has a number of limitations.

The article then talks about third-party options for activating ipfw to recover the features missing from the application firewall. These options include our DoorStop X Security Suite. The article specifically highlights DoorStop’s ability to easily switch between configurations when you change locations (for instance if you’re in a coffee shop with a WiFi hotspot and want greater protection).

The otherwise-excellent article overlooks one key feature of all firewalls however: logging. Any good firewall should log all access attempts, and advanced ones should provide forensic analysis features. Leopard’s application firewall does provide a log of sorts, but that log is missing critical information and is nearly useless. ipfw technology includes excellent logging, which the Who’s There? component of our Suite can analyze in detail. The article should have at least brought up the logging issue.

Finally, I guess we should also mention that DoorStop X was the highest ranked firewall of those listed at the end of the article, with four-and-a-half mice :)