As of Windows XP, Microsoft bundled a firewall software package into their systems. It evolved and improved over the last few revisions, but it’s still lacking what other dedicated software packages include. Administration of the MS firewall can be accessed through the control panel.
Plus: It’s free and it comes with Windows by default. It’s extremely simple to use.
Minus: It still feels somewhat primitive.
ZoneAlarm: For years, ZoneAlarm has been at the top of the list (or the only one on the list) of firewall comparisons. It’s currently a very stable and mature product. Just out their evaluation at http://www.zonelabs.com and peer into the logs. You would be surprised at how many hack attempts are made in a day.
Plus: Mature, full-featured product.
Minus: I’ve had a bad experience with ZoneAlarm getting too much in the way.
Norton/McAfee Personal Firewall: To be honest, both of these programs feel similar to me. They’re both good solid programs that one can easily bundle with other complementary software (such as their anti-virus products).
For a more verbose comparison, check:
In a Linux environment, I’ve had good experience with iptables. However, I couldn’t find anything that beat PF, the openBSD packet filter.
*Please note: In a commercial environment and/or when computers are more frequently exposed to the Internet (such as when they’re on broadband connections), an additional solution is advised. Most broadband routers/modems have built-in firewall capabilities. I strongly suggest consulting the user’s manual and enable any packet filtering / access control built into the router or firewall. This creates a closer secure connection to your ISP and relieves your computer’s CPU usage to other things.