Hardware vs Software firewall?
- Thread starter pimpmypc
- Start date
- Status
D
DelJo63
A hardware firewall appliance is much better than a software FW.pimpmypc said:
However, Linksys with WPA{1,2} (or any other cheap router) is hardly a hardware firewall appliance.
All routers we get for home use have NAT support and some have SPI protection.
These are the very minimal services of a firewall. In short, home users will
need a software firewall to protect each system on the LAN or need to layout some
serious cash to get a real firewall appliance.
here's a list of a few Hardware Firewalls:
tipstir
Posts: 2,873 +206
Online Armor Firewall was a bit unstable.. I haven't used it in a while though. Kept on giving me problems with the free version. It got high ratings that's why I had tried it. I use PC Tools Firewall Plus (free).
Linux and BSOD OS
ClarkConnect - this one has NAS and firewall easy to install on modern PCs
IP-COP - old PC turned into hardware firewall uses also SNORT Detection
Smoothwall - same as IPCOP but has some issues with it IP addressing
IPSecuried - this can run on SD card or CD
There are some more in this class..
Windows XP and Vista
Now just software only
PC Tools Firewall Plus (free) is very good and stable
Online Armor - (free) has some issues I don't know if they fix though problems yet?
Armor2Net - paid for was the best one until it has some rogue spyware in it
ZoneAlarm (free) but has to much crap going on with it so I can't use it
Sygate (history) but you can still get it to run
Comondo Pro ?? Still could never get that to do what I want it to do..
PC Tools Firewall Plus - is the choice I say to try... Can work on Windows 2003 Server
Linux and BSOD OS
ClarkConnect - this one has NAS and firewall easy to install on modern PCs
IP-COP - old PC turned into hardware firewall uses also SNORT Detection
Smoothwall - same as IPCOP but has some issues with it IP addressing
IPSecuried - this can run on SD card or CD
There are some more in this class..
Windows XP and Vista
Now just software only
PC Tools Firewall Plus (free) is very good and stable
Online Armor - (free) has some issues I don't know if they fix though problems yet?
Armor2Net - paid for was the best one until it has some rogue spyware in it
ZoneAlarm (free) but has to much crap going on with it so I can't use it
Sygate (history) but you can still get it to run
Comondo Pro ?? Still could never get that to do what I want it to do..
PC Tools Firewall Plus - is the choice I say to try... Can work on Windows 2003 Server
tipstir
Posts: 2,873 +206
jobeard said:Online Armor looks good to me but I must admit I've not tried it (on xp/pro).
I was a strong advocate of Comodo and used it for a long while until it started crashing.
I have since moved to Sunbelt and found it to be very good and similar to Comodo
Sunbelt not free.. PC Tools Firewall Plus (free) works perfect and excellent with P2P programs. What does the Sunbelt offer, but their is Asian site that has a lot of test done on these programs:
Test results:
http://www.matousec.com/projects/firewall-challenge/results.php
List of all that is currently available..
http://www.matousec.com/projects/firewall-challenge/product-list.php
Hardware vs Software firewalls is an apple/orange comparison, I think. They are both useful for specific reasons, but neither is an appropriate substitute for the other, in my opinion.
The firewall you find on your router is only good for blocking incoming data which leaves you vulnerable to the nasty stuff that might get on your system by your own doing. These firewalls have no real fine-grained controls. It is also somewhat inconvenient having to manually configure ports etc...However, it is also going to be more difficult to circumvent than a software firewall and offer fairly reliable protection against incoming baddies.
A software firewall will block incoming AND outgoing data. Software firewalls give you a LOT of flexibility when it comes to options, features and offer a lot of convenience. Because of this, software firewalls can be much more effective in protecting your computer than a simple router firewall. However, the issue is that software firewalls can be more easily compromised because they run on an inherently unstable platform (your personal computer). All it takes is one wrongly configured item, a compromised software that was allowed onto your computer or an exploitable bug in the firewall itself (complexity breeds exploitability) and poof.. your protection is gone.
The obvious answer is to run both. But I think you're 'safe enough' with running either solo.. My preference would probably be the router firewall + safe online practices, but if you're afraid of the stuff that might end up on your computer, then a software firewall is going to be your friend in the event you end up with things that exploit your computer by making your computer a server (key logger or spyware, for example).
The firewall you find on your router is only good for blocking incoming data which leaves you vulnerable to the nasty stuff that might get on your system by your own doing. These firewalls have no real fine-grained controls. It is also somewhat inconvenient having to manually configure ports etc...However, it is also going to be more difficult to circumvent than a software firewall and offer fairly reliable protection against incoming baddies.
A software firewall will block incoming AND outgoing data. Software firewalls give you a LOT of flexibility when it comes to options, features and offer a lot of convenience. Because of this, software firewalls can be much more effective in protecting your computer than a simple router firewall. However, the issue is that software firewalls can be more easily compromised because they run on an inherently unstable platform (your personal computer). All it takes is one wrongly configured item, a compromised software that was allowed onto your computer or an exploitable bug in the firewall itself (complexity breeds exploitability) and poof.. your protection is gone.
The obvious answer is to run both. But I think you're 'safe enough' with running either solo.. My preference would probably be the router firewall + safe online practices, but if you're afraid of the stuff that might end up on your computer, then a software firewall is going to be your friend in the event you end up with things that exploit your computer by making your computer a server (key logger or spyware, for example).
tipstir
Posts: 2,873 +206
Rick said:
Rick, the world is a lot different then when you and I were online back in the day..
Routers (wired and wireless)
Hardware Firewall methods
NAT
SPI
Intrusion Detection
Plus
Firewall Filtering methods (wired, wireless and wireless access points)
MAC Address that allow to access your network (LAN)
IP addresses that allow to access the internet (WAN)
Third a good software firewall on you each PC.
Spyware Cleaner/Blocker (on demand scanner)
Anti-Virus Cleaner/Blocker (on demand scanner)
Ad blocker (on demand scanner)
Once I did believe you didn't need a router, or any spyware or virus. This all soon changed with Norton first release NAV for DOS then for Windows. Once I was in a chat room and my system got taken over, but just the pull of the dial-up cord stopped that. Back in those days no one would ever dream we would need all of these protections add-ons.
Wireless network is a bit more tricky but with a good security measure you can protect yourself also... Today I have tighten up network security more than last year for both the wired and wireless network here. I hope 2008 will be better than the prior years.
D
DelJo63
Sorry, not true. I have it and it compares well to Comodo. Yes there is a purchasetipstir said:
version, but the 30 trial period provides full function and when that period lapses,
the product has sufficient functionality to be very useful.
tipstir
Posts: 2,873 +206
http://www.amazon.com/Linksys-WRT300N-Wireless-N-Broadband-Router/dp/B000FDOWQKpimpmypc said:
Good reading but you'll still need software base firewall so you'll know what's trying to come in and out.. Router will stop other attacks from coming in...
- Status
