[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 952
  • Last Modified:

Benefits of a hardware firewall?

Hi.

In thinking about security for my PC, I am interested in better understanding what the benefits of a hardware firewall are to system security - as compared to a software firewall.

I notice that hardware firewalls are quite reasonably priced now. Is it worth investing in one - if so, any suggestion?

Thanks for considered feedback.

Regards,

TC.
0
timclyma
Asked:
timclyma
  • 2
  • 2
2 Solutions
 
lrmooreCommented:
With a hardware firewall, you can support multiple PC's behind it.
With a hardware firewall, you have more flexibility with what you want to do with it.
With a hardware firewall, you save CPU cycles on the PC which has a potential to slow you down.
With a hardware firewall, your PC won't be broken into directly if the firewall is compromised.
Hardware firewalls don't run Windows operating system. 'nuff said on that one.
The best scenario is a multi-layer "defense in depth" strategy.
  - hardware firewall
  - software hardening, patch management, Antivirus up to date, spyware blockers, etc
  - safe browsing practices, manual cookie management, etc
0
 
Steve McCarthy, MCSE, MCSA, MCP x8, Network+, i-Net+, A+, CIWA, CCNA, FDLE FCIC, HIPAA Security OfficerIT Consultant, Network Engineer, Windows Network Administrator, VMware AdministratorCommented:
With a Hardware Firewall, you take the processing, etc., and put it on a box at the boarder of your network.  Most of the low end firewalls will block the typical ports and only allow traffic through that you request from the inside or that you configure in the firewall.  Some of the low end ones will give you some control over outgoing traffic, allowing you to setup DMZ's or having different security for different people.  The more you pay, the more features you get.  Even some of the low end will do stateful packet inspection.

I agree with Irmoore that a layered defense is the best strategy.  Many people use a hardware firewall as the first line of defense with a software firewall as a second layer.  As he also said, a $50 router will be better than any software firewall by itslef.

Now, a software firewall does have some advantages.  Most have additional options that can be configured out of the box, like different security for different people, live updates to keep it up to date automatically and the ability to block specific programs from executing, not just ports.

Lets say you go out to web site xyz.  Your Hardwall firewall looks at the packets and sees what looks right coming back to your pc.  It lets it through.  Now your software firewall also looks at what is comin in and sees and stop some worm or trojan from executing.

0
 
timclymaAuthor Commented:
Thanks for the advice. I'm learning a lot.

Just one last question though: Are there any "must have" features when looking at low/medium-end firewalls to make them a worthwhile investment for a small home/office network?

Many thanks for your advice.

TC.
0
 
Steve McCarthy, MCSE, MCSA, MCP x8, Network+, i-Net+, A+, CIWA, CCNA, FDLE FCIC, HIPAA Security OfficerIT Consultant, Network Engineer, Windows Network Administrator, VMware AdministratorCommented:
For the hardware ones, I would get a statefull packet inspection, (which most have now) and for the software ones, I would go with a brand name, like Zone Alarm or Norton Internet Security.  Those are top rated and pretty easy to configure.
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now