There’s a common misconception that smartphones running on Android are not susceptible to malware attacks. Sure, the likelihood of getting a virus is smaller on Android than on PC, but it’s entirely possible.
Android has grown a lot in terms of security in the last couple of years, but recent attacks have shown us all that there’s still a lot of work ahead. If you ever took a Personal Computer Security class, one of the first things they teach is to always have a working antivirus and a firewall. Well, things are not that different on Android.
Of course, a firewall is much more necessary on a PC than on a smartphone, mainly because the latest Android versions have some form of firewall built in (SafetyNet). But a trusty Android firewall app can protect you from a mile of trouble if you use a lot of different WiFi connections. Even more so if you’re rooted and you install APKs outside of Google Play.
Even if you don’t end up getting a virus that will leave your bank account empty, some malicious apps will operate quietly and collect information about you without consent. Your best defense against this is to regain control of the data you share with a reliable firewall for your Android device.
Whether you what to tighten the security of your Android or you’re looking for an app to keep a tight leash over your usage limits, the right firewall app will keep you happy. With this in mind, check out a list with the best Android firewalls currently available on Google Play.
PS: A firewall is even more efficient on a rooted Android device and dosen’t need t use a VPN network as a proxy. If you own a rooted device, consider choosing a firewall app that is specifically designed for root capabilities.
NoRoot Data Firewall (Root Not Required)
No Root Data Firewall works similarly to a VPN interface. It operates as a proxy between the apps you have on your Android device and their servers. Using this app, you will be able to control the permissions for each app that needs internet access from your mobile data or a WiFi network.
You can easily choose to block background data and let the foreground data run its course. I liked the fact that it allows you to record, analyze and sort the data usage for each app separately. You can see the history data by hour, day or month in an intuitive bar chart.
Another great feature is the ability to set a temporary permission for an app. This means you can choose to allow an app to access the internet for a fixed period of time. If an app starts a new internet connection with an external server, you’ll be automatically notified.
This firewall automatically captures data packets, which will allow you to sniffer the internet data straight from your device.
I just want to point out that this firewall requires minimal permissions. If you’re paranoid enough to think a firewall might be after your data, No Root Data Firewall is a no-brainer.
NoRoot Firewall (Root Not Required)
NoRoot Firewall works on the same principles as the first entry. It protects your personal information from being sent away through the internet. When an app is trying to access the Internet, NoRoot firewall will automatically notify the user. You then have the option to either allow the connection or deny it.
Although the UI seems simplistic, the app will allow you to create specific filter rules based on the IP addresses, domain name or host name.
A major inconvenient is the app inability to support IPv6. If you’re mostly on an LTE network, NoRoot Firewall will not work while you’re on a mobile data connection. The developers announced a fix is on the way, but it might take a while.
If you’re looking for a firewall with a simplistic interface that allows for fine-grained access control on IP, host name, and domain name, I would go with NoRoot Firewall.
Mobiwol (Root Not Required)
Mobiwol is built with the VPN packaging module offered to developers by Android. It’s used to gain visibility of app’ network activities and apply firewall rules without the need to ask for root permissions. Even though it requires a VPN connection, no data is being sent externally by the Mobiwol app.
Aside from being a trusty firewall, this app will allow you to save battery and reduce data usage in order to stay within your data plan. Whenever a new app accesses the internet, you’ll be alerted and prompted to either allow or block the app connectivity.
The initial setup is extremely easy, but if you’re having trouble with it, make sure to consult the Rules section. I like the fact that the app is regularly updated, with new functionalities added on a regular basis.
NetGuard (Root Not Required)
From all the apps featured in this list, NetGuard is probably the better-looking entry. Everything about the UI gives it a more professional vibe than any other application of this type.
If we’re talking functionality, NetGuard is a simple, yet effective way to keep a tight leash on your internet-hungry apps. All apps (including system apps) and even addresses can be individually configured to a different access treatment.
It works just as well with IPv4 and IPv6 TCP/UDP. The app is open source and will accommodate even the newest Android smartphone adopters. If you know what you’re doing, you can opt to buy the PRO version which will allow you to log all outgoing traffic, search for access attempts and export PCAP files for a deep network analysis.
AFWall+ (Root Required)
AFWall+ required root in order to function properly. If you do have root on your device, I recommend you use a dedicated Android firewall that is programmed to work on rooted environments.
The UI interface is super simple but does the job very well. Based on the powerful iptables of Linux, AFWall+ will allow you to restrict which applications are permitted to access your data networks. It works well with 2G, 3G and Wi-Fi connections, but if you are mostly on LTE data I would not use it as it’s quite unstable with 4G connections.
You can control the traffic flow of your network even while connected through VPN. Keep in mind that you need to grant AFWall+ ACCESS_SUPERUSER permission in order to function properly.
DroidWall (Root Required)
DroidWall has exactly the same functionality as the app featured above. Since it’s based on the same principles, you’ll need root access in order to use it.
If you have root access but you’re working on a limited data plan, you should give this app a go. In addition to allowing you to restrict which apps can access the network you’re connected to, DroidWall will allow you to manually define custom iptables rules.
If you decide to uninstall the app, remember to disable the firewall before uninstalling. Otherwise you will need to hard reboot your device in order to make the restrictions you’ve set up go away.