...My goal is for extra protection from hacks. ...
Are you new to the Macintosh? Security is a huge problem for Windows users. It requires only the slightest care on a Macintosh.
I've been helping Macintosh users with their Macs (via helplines, discussion fora, response to my Web sites, etc.) for over 35 years. I've been in touch with tens, maybe hundreds of thousands of Macintosh users. I've never heard from a single Macintosh user who legitmately reported that they have had their Macintosh hacked into. Not one. This depite the fact that most users never turn on their built-in firewall.
Macintosh hacking just doesn't seem to be a thing. Even at Macintosh hacking competitions, where the most tech-y people that you could find were challenged to hack into a Macintosh, usually no one could do it without being allowed physical access to the Macintosh.
Also, it's absolutely true what others are telling you. Your gateway/router has a built-in hardware firewall. Using the software firewall in the Mac OS is redundant and a waste of bandwidth.
If you are concerned about your data (e.g. if you have extremely valuable data), a good way to protect it wouid be to do frequent backups, and then keep your backup drive offline when it isn't being used to do an incremental backup. That way, no matter what happens to your Mac and the data on it, your backed up data is safe and available.
Some other suggesions if you are concerned about security:
Off the top of my head, these are the things that Macintosh users have to do with regard to security (note that, for now, I don't list a need for anti-virus software):
- Set passwords for your Mac and make them strong ones.
- Make sure to use the latest version of the Mac OS (that your Mac can run) and make sure to install all security updates.
- Know the latest social engineering threats (i.e. phishing attempts and scams).
- Don't update software anywhere but from the Web site of the developer, or from the Mac App Store.
- Have Java (*not* Javascript, which is something else) turned off in your browser. (No need to uninstall it completely. There has never been a Macintosh threat via a Java application.) (This one may be outdated. I haven't heard of a malicious Java threat to a Mac in years now.)
- Don't open e-mail file attachments from people you don't know. (Though malicious file attachments are just about always aimed at Windows users and usually are Windows executables that won't run on a Mac anyway.)
- Don't click on links to Web pages in e-mails from people you don't know (however, you can hover your cursor over such a link, and a pop-up will appear telling you where the link will really take you, and you can then decide if it looks safe). (Once again, this is more of a Windows thing....it's good to be a Mac user.)
- Turn on "Macro Virus Protection" in the Microsoft Office applications (though macro viruses are exceedingly rare these days)
If you are unable to save a document in Microsoft Word, your computer may have a macro virus. Microsoft Word documents can use macros, which can potentially...
kb.iu.edu
Learn what macro viruses are in Microsoft Office and how to protect yourself from them.
support.microsoft.com