Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Soft-vs-Hard Firewall

Posted on 2004-09-09
8
Medium Priority
?
1,005 Views
Last Modified: 2008-01-09
Greetings Experts,

I have heard differing accounts as to what is best; a hardware firewall, or a software firewall.
Some of my readings suggest that a hardware firewall is best due to the advanced electronics, other's seem to suggest that a software firewall is best due to the advanced software. Hmmm...
What is truly the BEST, BEST, BEST avenue?

Thank you!!
0
Comment
Question by:Fermion
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 4

Accepted Solution

by:
tmireles earned 2000 total points
ID: 12022613
The best route will be the most expensive as well and it would be a hardware firewall.  Almost every company out there uses hardware firewall to prevent from getting hacked.  Hardware firewall can come in the form of a router that has the firewall built into it.  Reason is that you are not relying on software to do the blocking of certain ports.  The hardware firewall does this after it is setup.  Yes it does use software to do this however once it is setup there is no user interaction that can reset it by accident.  

Software firewall is good for must home users that have some important stuff on their computer.  It will also warn you if you have programs trying to access the internet without your permission.  The software firewall is only as good as the user.   The reason I say this is because when you are prompted to give permision to a program to access the internet then it is the user who must determine if the program is legit or not.  If every time a program asks for permision to go on the net and the user allows it every time you might as well save your resources and remove the software firewall.  It will block incoming attacks though although most home users are rarely attacked unless a virus is involved.

Best solution is a combination of both hardware and firewall but that is just my opinion.  I use zone alarm on my laptop and that has worked well for me.  I also have a router with firewall built into it (most do).  At work we have a hardware firewall that does not allow access to anyone into our servers unless you use vpn.  But even then it is such a pain to configure because of how high the security settings are set.

I hope this helps you out a bit.  If you have more questions let me know.

0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 12023103
No doubt that every expert on this site will reflect the same attitude towards firewalls that tm already said.  I have no real use for Software Firewalls, unless it is a home system, not in a production environment, or if the specific user just does not want others within the LAN to access their system.  Of course, I am also concerned about performance, and most add-on firewalls worth their weight will drag down a system, especially one that is already under-powered.

FE
0
 
LVL 3

Author Comment

by:Fermion
ID: 12031512
Thanks. If I am reading the comments correctly, they would suggest that a hardware firewall is superior to a software firewall. With my limited knowledge of firewalls(so please correct me if wrong), I would asume that this is because a hardware firewall is presented as the ONLY connected device to the internet, and becomes configured such as to where the connected computers are are "hidden" behind the hardware firewall??
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 12031615
Correct, basically...  A hardware firewall guards your perimeter, whereas the software firewall only guards the machine it sits on..  When on the perimeter of your network, it insulates your network completely from intrusion, not allowing anything to breach your LAN...  And again, this is its primary and only job.   Most software firewalls can be cracked in some fashion, whereas a SPI Perimeter firewall is hardened to these attacks...

FE
0
 
LVL 4

Expert Comment

by:tmireles
ID: 12031797
That is very well worded FE.  

Fermion,  as FE said the best firewall is going to be a hardware one.
0
 

Expert Comment

by:chockymonster
ID: 12031909
One quite important thing to take into account is that a software firewall runs on a host operating system, be it linux, microsoft etc.

In the case of software firewalls there is always the possibility that the host  operating system can become comprimised. If this happens then your fancy firewall may as well not be there. It is very important to make sure that the host is secure!!!
What good is a firewall if the host is comprimised with virii and spyware?

A hardware firewall does not have this vulnerability as the operating system is solid state and not customisable, it is there to do one job and one job only!
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 12031961
Thank you tm..  ;)
0
 
LVL 3

Author Comment

by:Fermion
ID: 12036071
Thanks to everyone!
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Can you find a fax from a vendor you saved a decade ago in seconds? Have you ever cursed your PC under your breath during an audit because you couldn’t find the requested statement or driver history?  If you answered no to the first question or yes …
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question