[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now


Benefits of a hardware firewall?

Posted on 2004-10-31
Medium Priority
Last Modified: 2013-11-16

In thinking about security for my PC, I am interested in better understanding what the benefits of a hardware firewall are to system security - as compared to a software firewall.

I notice that hardware firewalls are quite reasonably priced now. Is it worth investing in one - if so, any suggestion?

Thanks for considered feedback.


Question by:timclyma
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 79

Assisted Solution

lrmoore earned 160 total points
ID: 12457369
With a hardware firewall, you can support multiple PC's behind it.
With a hardware firewall, you have more flexibility with what you want to do with it.
With a hardware firewall, you save CPU cycles on the PC which has a potential to slow you down.
With a hardware firewall, your PC won't be broken into directly if the firewall is compromised.
Hardware firewalls don't run Windows operating system. 'nuff said on that one.
The best scenario is a multi-layer "defense in depth" strategy.
  - hardware firewall
  - software hardening, patch management, Antivirus up to date, spyware blockers, etc
  - safe browsing practices, manual cookie management, etc
LVL 17

Accepted Solution

Steve McCarthy, MCSE, MCSA, MCP x8, Network+, i-Net+, A+, CIWA, CCNA, FDLE FCIC, HIPAA Security Officer earned 140 total points
ID: 12463332
With a Hardware Firewall, you take the processing, etc., and put it on a box at the boarder of your network.  Most of the low end firewalls will block the typical ports and only allow traffic through that you request from the inside or that you configure in the firewall.  Some of the low end ones will give you some control over outgoing traffic, allowing you to setup DMZ's or having different security for different people.  The more you pay, the more features you get.  Even some of the low end will do stateful packet inspection.

I agree with Irmoore that a layered defense is the best strategy.  Many people use a hardware firewall as the first line of defense with a software firewall as a second layer.  As he also said, a $50 router will be better than any software firewall by itslef.

Now, a software firewall does have some advantages.  Most have additional options that can be configured out of the box, like different security for different people, live updates to keep it up to date automatically and the ability to block specific programs from executing, not just ports.

Lets say you go out to web site xyz.  Your Hardwall firewall looks at the packets and sees what looks right coming back to your pc.  It lets it through.  Now your software firewall also looks at what is comin in and sees and stop some worm or trojan from executing.


Author Comment

ID: 12532714
Thanks for the advice. I'm learning a lot.

Just one last question though: Are there any "must have" features when looking at low/medium-end firewalls to make them a worthwhile investment for a small home/office network?

Many thanks for your advice.

LVL 17
ID: 12543332
For the hardware ones, I would get a statefull packet inspection, (which most have now) and for the software ones, I would go with a brand name, like Zone Alarm or Norton Internet Security.  Those are top rated and pretty easy to configure.

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question