Benefits of a hardware firewall?

Posted on 2004-10-31
Last Modified: 2013-11-16

In thinking about security for my PC, I am interested in better understanding what the benefits of a hardware firewall are to system security - as compared to a software firewall.

I notice that hardware firewalls are quite reasonably priced now. Is it worth investing in one - if so, any suggestion?

Thanks for considered feedback.


Question by:timclyma
    LVL 79

    Assisted Solution

    With a hardware firewall, you can support multiple PC's behind it.
    With a hardware firewall, you have more flexibility with what you want to do with it.
    With a hardware firewall, you save CPU cycles on the PC which has a potential to slow you down.
    With a hardware firewall, your PC won't be broken into directly if the firewall is compromised.
    Hardware firewalls don't run Windows operating system. 'nuff said on that one.
    The best scenario is a multi-layer "defense in depth" strategy.
      - hardware firewall
      - software hardening, patch management, Antivirus up to date, spyware blockers, etc
      - safe browsing practices, manual cookie management, etc
    LVL 79

    Expert Comment

    LVL 16

    Accepted Solution

    With a Hardware Firewall, you take the processing, etc., and put it on a box at the boarder of your network.  Most of the low end firewalls will block the typical ports and only allow traffic through that you request from the inside or that you configure in the firewall.  Some of the low end ones will give you some control over outgoing traffic, allowing you to setup DMZ's or having different security for different people.  The more you pay, the more features you get.  Even some of the low end will do stateful packet inspection.

    I agree with Irmoore that a layered defense is the best strategy.  Many people use a hardware firewall as the first line of defense with a software firewall as a second layer.  As he also said, a $50 router will be better than any software firewall by itslef.

    Now, a software firewall does have some advantages.  Most have additional options that can be configured out of the box, like different security for different people, live updates to keep it up to date automatically and the ability to block specific programs from executing, not just ports.

    Lets say you go out to web site xyz.  Your Hardwall firewall looks at the packets and sees what looks right coming back to your pc.  It lets it through.  Now your software firewall also looks at what is comin in and sees and stop some worm or trojan from executing.


    Author Comment

    Thanks for the advice. I'm learning a lot.

    Just one last question though: Are there any "must have" features when looking at low/medium-end firewalls to make them a worthwhile investment for a small home/office network?

    Many thanks for your advice.

    LVL 16

    Expert Comment

    For the hardware ones, I would get a statefull packet inspection, (which most have now) and for the software ones, I would go with a brand name, like Zone Alarm or Norton Internet Security.  Those are top rated and pretty easy to configure.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Suggested Solutions

    Title # Comments Views Activity
    linux firewall 3 55
    Protection from Keyloggers, Spywares etc. 20 87
    Itunes Thru ISA 2000 Server 2 75
    TMG Firewall website policy 2 87
    Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
    To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
    With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    856 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now