?
Solved

Which Firewall???

Posted on 2003-03-19
26
Medium Priority
?
431 Views
Last Modified: 2013-11-13
MAC OS Jaguar has a firewall and so does my router. Which one should I activate? Or should I turn on both of them? And will either one being on slow down my web surfing or downloads??
0
Comment
Question by:Sith_Lord
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 7
  • 6
  • +2
26 Comments
 
LVL 30

Expert Comment

by:weed
ID: 8171946
Use your hardware router. Its your first line of defense, and will provide protection for all the macines on your network, not just OS X. Neither of them will slow down your network connection.
0
 

Expert Comment

by:Worboren
ID: 8173310
I also have a Linksys router and Jaggy and it doesn't really make sense to activate both - you'll either duplicate your firewall setup or will have to control it in 2 separate interfaces, no sense to do it. As weed has pointed out, if you have more than 1 machine the router will protect all of them. Another point: I'm often away from my machine and sometimes want to tweak my firewall setup, like temporarily open or close some holes and such, I just launch a browser (no matter what platform), connect to the router remotely and configure it to my heart's content. Also, IMO configuration options for the OSX firewall are more limited than what you will find in a typical router but I might be wrong here, I never really tried to examine the Jaggy firewall in any depth.

My 2 cents.
0
 

Author Comment

by:Sith_Lord
ID: 8173777
Well I'm still up in arms here and I'll explain. I have 3 computers. 2 MACS and 1 PC. They are all connected to the Seimens Router. The router of course has a firewall but there is no way of tweaking it. It's pretty much Firewall ON or OFF. The same goes for MACS built in Firewall which is ON or OFF. However the firewall on my PC which is ZoneAlarm...that thing can be tweaked in any which way. So now that I've explained my setup in more detail, what should I do now??
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 

Expert Comment

by:Worboren
ID: 8173925
Then I guess it mostly depends on your needs. I have not dealt with siemens routers and this limited firewall configuration makes me think that I'll do my best to never have to :) Anyways, the Jaguar firewall allows *some* options so perhaps you might want to better stick with that (check out http://homepage.mac.com/opalliere/shield_us.html), or if you want more options consider investing in a dedicated piece of software like Intego Net Barrier (they have a demo available, see if it meets your needs, http://www.intego.com/netbarrier/). Or see here: http://www.versiontracker.com/mp/new_search.m?productDB=mac&mode=Quick&OS_Filter=MacOSX&search=firewall maybe you'll something better.
0
 
LVL 30

Expert Comment

by:weed
ID: 8175160
I gaurantee that you can tweak the open ports on the Siemens Router. You just have to add an entry to the routing table. The same goes for Jaguar. If you look in your Firewall tab in Jaguar youll see that you can add and remove open ports. It's not just on and off.
0
 

Expert Comment

by:soldato
ID: 8178223
http://personalpages.tds.net/~brian_hill/brickhouse.html

this software makes the MAC firewall a breeze.  I use both by the way.... router and MAC firewall.

0
 
LVL 30

Expert Comment

by:weed
ID: 8178242
You dont gain any extra protection by using both.
0
 

Expert Comment

by:soldato
ID: 8178331
I'm glad you feel confident making that statement.

0
 
LVL 30

Expert Comment

by:weed
ID: 8178355
If you open up a particular port on the hardware firewall, youre not going to be able to use it unless you open that port on your jaguar box as well. Meaning that if a "hacker" gets through your firewall, theyll also get through your OS firewall. You've added 3 seconds to the time it would take them to get to your machine and that's only because theyre scratching their heads saying "why does this guy have two firewalls?..heh".
0
 

Expert Comment

by:soldato
ID: 8178590
I'm glad you feel confident making that statement.

0
 

Expert Comment

by:soldato
ID: 8178598
not sure why that was posted twice.....

You're assuming all clients would have all the same ports open, as well as the router having all the same ports open.

0
 
LVL 30

Expert Comment

by:weed
ID: 8178690
If youre going to allow traffic on say, port 113 on the router, you also have to allow it in Jaguar. It's like having a hallway with a door on each end. If one of the two doors is closed youre not going to get through the hallway.

0
 

Author Comment

by:Sith_Lord
ID: 8180131
Ok guys...so bottom line. Router firewall or MAC firewall???   And the same for my PC. Router firewall or ZoneAlarm firewall????  And really...does having a firewall on slow down internet usage for downloading and surfing???
0
 

Expert Comment

by:Worboren
ID: 8180177
If your router can't indeed be configged (which I have a hard time believing but I've never seen Siemens routers) then it's the software firewalls, Macs and PCs. Neither will affect your downloading/surfing speeds.
0
 

Author Comment

by:Sith_Lord
ID: 8180641
I looked into the router firewall. Like I said...its either ON or OFF. All it allows is for me to either open a port or a  service ONLY if I specify it. Otherwise I guess ON or OFF goes to default settings. Bottom line... I just want to be WELL protected at ALL times. And of course I don't want my internet speed to be slowed down. I don't why I'm saying this...but I beleive I heard this one time on TECHTV that they said that some firewalls both hardware and software slow down internet speed by a fraction.
0
 

Expert Comment

by:Worboren
ID: 8180740
Well protected means all ports closed by default unless you want to run some server (ftp, http, or whatever) or play some online games which want to have certain ports open. The limitation of the hardware router firewall starts to show when you want to run, let's say, 2 web servers on 2 different machines - you can only port forward to 1 machine on your LAN, and probably have the option to have one more configged as a DMZ host, which means all ports open. If you simply want to be protected the router firewall will do the job. What are your needs, why do you need all that tweaking and all?

I've never heard of firewalls slowing down traffic, and I've never noticed any slowdowns myself. If it does it's probably only purely theoretical by some fractions of bytes per sec, unseen to a naked eye :)
0
 

Expert Comment

by:soldato
ID: 8182017
I agree with Worboren.

My point with the two levels of firewalls, is that the hardware firewall is typically either on or off (at least that's been my experience with home firewall / routers).  When you have multiple hosts behind that firewall, you may want to have different ports open or closed.  The software firewall on your client gives you that flexibility.

I don't think the human eye would notice any slowdown with the addition of a firewall.  I do believe it does slow it down though.

0
 

Author Comment

by:Sith_Lord
ID: 8188486
So bottom line...for both my MAC and PC...forget the MAC firewall and forget ZoneAlarm Pro??? Instead just stick to the router firewall?? I'm not doing any thing out of the ordinary. I'm a regular computer user just like most people. I surf the web, do online banking, online purchasing, E-mail, Instant messaging and downloading music. Remember...I'm scared of Viruses and Trojan horses too.
0
 
LVL 30

Expert Comment

by:weed
ID: 8188495
Right. Forget the software part of the firewall. Even big paranoid corporate networks dont run dual firewalls because they know its pointless.

A virus or trojan isnt going to get caught by a firewall anyway. They're files that get in via email, ftp, web downloads etc and you have to activate them. Pretty moot on a Mac anyway.
0
 

Author Comment

by:Sith_Lord
ID: 8193943
So bottom line...forget ZoneAlarm for PC and forget MAC's built in firewall??  Stay with the router firewall?
0
 

Accepted Solution

by:
Worboren earned 150 total points
ID: 8193954
Yes.
0
 
LVL 30

Expert Comment

by:weed
ID: 8196255
Didnt I just answer that?..heh
0
 

Expert Comment

by:soldato
ID: 8196321
you are always right weed.

0
 

Author Comment

by:Sith_Lord
ID: 8202340
Weed...honestly man! I guess it was too early for me to see what I did. I didn't mean to pick that answer from Worboren. I meant to pick yours. I know you answered that way up in the post. Sorry man. And why does my last reply say 1:47am??? It was more like 4:30am when I just woke up. How can I change that?? Something is wrong with the time.
0
 

Author Comment

by:Sith_Lord
ID: 8202395
Weed...honestly man! I guess it was too early for me to see what I did. I didn't mean to pick that answer from Worboren. I meant to pick yours. I know you answered that way up in the post. Sorry man. And why does my last reply say 1:47am??? It was more like 4:30am when I just woke up. How can I change that?? Something is wrong with the time.
0
 

Expert Comment

by:SpideyMod
ID: 8226615
We typically don't take points away from an expert, so enjoy them Worboren.

weed, your points are here:
http://www.experts-exchange.com/Operating_Systems/Macintosh/Q_20566702.html

SpideyMod
Community Support Moderator @Experts Exchange
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Create a default user profile for Mac OS X 10.7/10.8 Create a user account on OS X that will be a template for every other user of that computer. I usually call it “profile” and make it an administrator account for the time being. 1. Install a…
Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question