Software or Hardware Firewall


Recommended Posts

Software is easier, I use Sygate pro; a router is more reliable, for what it does, but less configurable (often) .. it has (generally) stricter defaults and is less likely to permit 'accidental' exposure. I use a Netgear RP614v2.. and i'd recommend BOTH for a broadband user, and software only for most dial up users. Exposure versus price versus hassle factor is the issue. The more there is to protect, the stronger security you need.. and the more you must learn to do it correctly.

Link to comment
Share on other sites

Hardware firewalls are still software based to a extent. The best firewalls would be to take a old 386 or higher CPU machine and then use FreeBSD/OpenBSD/NetBSD or Linux on it with the firewall's built into those OSes as a dedicated router and other stuff.

Link to comment
Share on other sites

Hardware firewalls are still software based to a extent. The best firewalls would be to take a old 386 or higher CPU machine and then use FreeBSD/OpenBSD/NetBSD or Linux on it with the firewall's built into those OSes as a dedicated router and other stuff.

That's a bit a of overkill for home use. A nice Software firewall like Kerio 2.1 is good enbough when you configure it properly. :yes:

Link to comment
Share on other sites

That's a bit a of overkill for home use. A nice Software firewall like Kerio 2.1 is good enbough when you configure it properly. :yes:

It's not really overkill.. Remember I said take a really low end system and make one. You can even use the ones that fit on a floppy... Better than the parts sitting there collecting dust.

Link to comment
Share on other sites

A linux firewall is nice and all but if it's your first time doing things it may get a little maddening. Even though there's quality firewall distro's out there like smoothwall, and clarkconnect.

Perosnally if you don't have a old spare system lying around I'd recommend just buying a cheap router that has NAT capability, and then using a software based firewall on your pc's.

Link to comment
Share on other sites

I've got a lot of opinions on this matter, and not enough time to post them all.

Personal firewalls on their own are effectively next to useless, Blaster proved this. Most people's configuration steps go next>next>finish. ie: they install and leave. A badly configured personal firewall is useless, and users shouldn't be expected to know which traffic to allow and which to block. Its a wholey unrealistic expectation (and again, blaster proved this en mass).

NAT offers an often over looked level of protection, its the core technology behind any hardware firewall and its worth its weight in gold.

Personally I just use kerio because a) I've configured it well and b) I have no need to fork out for a hardware routing device. I've used my degree project for hardware firewalling in the past (as well as spam + av filtering using chained pop3 proxies).

But if you dont feel you understand every warning the firewall pops up, then get a router. NAT alone will provide a level of obscurity, meaning any services you're running (be it via trojans, zombies, flawed services like RPC) are hidden from the outside world.

Link to comment
Share on other sites

I love my WatchGaurd FireBox SOHO Firewall. I got it new from eBay for only $102(from the $450 list price). It's very easy and smart to config. I love the live security upgrade feature. It will download and install patch/firmware itself.

:cool:

Link to comment
Share on other sites

It's not really overkill.. Remember I said take a really low end system and make one. You can even use the ones that fit on a floppy... Better than the parts sitting there collecting dust.

Running a second computer to be a firewall for home use is overkill, when you can install a very effective software firewall like Kerio 2.1.5. I haven't had any intrusions either.. ;)

Link to comment
Share on other sites

Running a second computer to be a firewall for home use is overkill, when you can install a very effective software firewall like Kerio 2.1.5. I haven't had any intrusions either.. 

I would have to agree IF you only have one computer. If you were connecting more then one computer to the Internet a hardware (either a old machine or one built into a router) firewall would be the way to go. The other downfall to the software firewalls is people will install them, think they are protected, but they never get configured properly.

If you are a new user, and need a very easy device that is secure from the start, go with the Microsoft Line of Routers. They are very easy to set up and have some very nice features.

Link to comment
Share on other sites

I would have to agree IF you only have one computer. If you were connecting more then one computer to the Internet a hardware (either a old machine or one built into a router) firewall would be the way to go. The other downfall to the software firewalls is people will install them, think they are protected, but they never get configured properly.

If you are a new user, and need a very easy device that is secure from the start, go with the Microsoft Line of Routers. They are very easy to set up and have some very nice features.

I agree with your configuration IDEA. wish I had said it... :whistle:

quote samoa

That's a bit a of overkill for home use. A nice Software firewall like Kerio 2.1 is good enbough when you configure it properly. 

even left the bad spelling in there...

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.