Solved

Do you need a firewall ?

Posted on 2002-03-17
3
173 Views
Last Modified: 2013-11-16
If you have a properly configured router and a well configured proxy server, do you still need a firewall of some sort?

No low level technical info required, just concepts at this stage.

Cheers,
chrisrip
0
Comment
Question by:chrisrip
3 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 100 total points
ID: 6873861
It really depends on several things:
- brand/model of router
- features of that router
- which proxy software you are using
- how much would you loose to a DOS attack
- how valuable is your data
- how secure are your systems inside the network

A good firewall provides stateful packet inspection, prevention of DOS, DDOS, and looks further into the packets than either a router or proxy.

A good security strategy is a layered defense or "defense in depth" which would consist of a good, properly configured edge router, a good firewall, well defined security policies, and a program of monitoring, testing, and refining the implementation of those security policies.

The bottom line is to spend the right amount of money to protect the data you hold. For example, if you hold individual's medical history data, then there are legal requirements you have to meet regardless of cost. If you hold credit card numbers you want to spend as much as you need to ensure the privacy of those numbers and win the trust of your customers. If you're a small office with a personal web server so Grandma can see photos of the grandkids, then a NAT router is probably all you need.
0
 
LVL 63

Expert Comment

by:SysExpert
ID: 6874452
In addition to the above advice, I would like to mention that a free firewall like Zonealarm from Zonelabs, will also catch a lot of Spyware that is sending info from inside the computer, out to the Internet !!

I hope this helps !
0
 

Expert Comment

by:JeffHarp
ID: 6887540
My response is YES.  I am running both a router with a firmware firewall installed and a software firewall (Norton Internet Security) to cover all aspects of it.  If I didn't believe it was necessary, I wouldn't have spent the money on either of them, much less both of them.  I caught strange activity the first week I set them up and blocked it.  And, I'm on a small DSL server.  If it is just for dial-up service, I would take my chances.  But, for DSL or cable I think it is very necessary.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now