Solved

Soft-vs-Hard Firewall

Posted on 2004-09-09
8
992 Views
Last Modified: 2008-01-09
Greetings Experts,

I have heard differing accounts as to what is best; a hardware firewall, or a software firewall.
Some of my readings suggest that a hardware firewall is best due to the advanced electronics, other's seem to suggest that a software firewall is best due to the advanced software. Hmmm...
What is truly the BEST, BEST, BEST avenue?

Thank you!!
0
Comment
Question by:Fermion
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 4

Accepted Solution

by:
tmireles earned 500 total points
ID: 12022613
The best route will be the most expensive as well and it would be a hardware firewall.  Almost every company out there uses hardware firewall to prevent from getting hacked.  Hardware firewall can come in the form of a router that has the firewall built into it.  Reason is that you are not relying on software to do the blocking of certain ports.  The hardware firewall does this after it is setup.  Yes it does use software to do this however once it is setup there is no user interaction that can reset it by accident.  

Software firewall is good for must home users that have some important stuff on their computer.  It will also warn you if you have programs trying to access the internet without your permission.  The software firewall is only as good as the user.   The reason I say this is because when you are prompted to give permision to a program to access the internet then it is the user who must determine if the program is legit or not.  If every time a program asks for permision to go on the net and the user allows it every time you might as well save your resources and remove the software firewall.  It will block incoming attacks though although most home users are rarely attacked unless a virus is involved.

Best solution is a combination of both hardware and firewall but that is just my opinion.  I use zone alarm on my laptop and that has worked well for me.  I also have a router with firewall built into it (most do).  At work we have a hardware firewall that does not allow access to anyone into our servers unless you use vpn.  But even then it is such a pain to configure because of how high the security settings are set.

I hope this helps you out a bit.  If you have more questions let me know.

0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 12023103
No doubt that every expert on this site will reflect the same attitude towards firewalls that tm already said.  I have no real use for Software Firewalls, unless it is a home system, not in a production environment, or if the specific user just does not want others within the LAN to access their system.  Of course, I am also concerned about performance, and most add-on firewalls worth their weight will drag down a system, especially one that is already under-powered.

FE
0
 
LVL 3

Author Comment

by:Fermion
ID: 12031512
Thanks. If I am reading the comments correctly, they would suggest that a hardware firewall is superior to a software firewall. With my limited knowledge of firewalls(so please correct me if wrong), I would asume that this is because a hardware firewall is presented as the ONLY connected device to the internet, and becomes configured such as to where the connected computers are are "hidden" behind the hardware firewall??
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 12031615
Correct, basically...  A hardware firewall guards your perimeter, whereas the software firewall only guards the machine it sits on..  When on the perimeter of your network, it insulates your network completely from intrusion, not allowing anything to breach your LAN...  And again, this is its primary and only job.   Most software firewalls can be cracked in some fashion, whereas a SPI Perimeter firewall is hardened to these attacks...

FE
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 4

Expert Comment

by:tmireles
ID: 12031797
That is very well worded FE.  

Fermion,  as FE said the best firewall is going to be a hardware one.
0
 

Expert Comment

by:chockymonster
ID: 12031909
One quite important thing to take into account is that a software firewall runs on a host operating system, be it linux, microsoft etc.

In the case of software firewalls there is always the possibility that the host  operating system can become comprimised. If this happens then your fancy firewall may as well not be there. It is very important to make sure that the host is secure!!!
What good is a firewall if the host is comprimised with virii and spyware?

A hardware firewall does not have this vulnerability as the operating system is solid state and not customisable, it is there to do one job and one job only!
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 12031961
Thank you tm..  ;)
0
 
LVL 3

Author Comment

by:Fermion
ID: 12036071
Thanks to everyone!
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Ok I have been working on this for some time having learned and gained certification in XenDesktop 4 along came version 5 which was released last month. Since then I have been working to deploy XenDesktop 5 in a small environment with only 2 virt…
For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now