Link to home
Start Free TrialLog in
Avatar of fuzzyjon79

asked on

Router, Firewall, or Both?

Is it a good idea to buy a router as a security measure for your home PC instead of using a firewall?  Would I need a firewall also, or will the firewall alone be enough?  I have heard that buying and installing a router is great security... especially if you use a high speed cable or dsl connection.  Is this true?  What are your thoughts?  
Avatar of Pete Long
Pete Long
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of stevenlewis

Yes, it's agood idea (most home gateways have a firewall built in) I have one, but also use zone alarm
Why you ask?
because a hardware firewall will trigger a port to open from the inside (will block external access)
but ZA will ask you if you want to allow an app to access the internet, therefore blocking nasties from trying to reach the outside
So, I have two fences blocking outside access to the inside, and one blocking internal access to the outside
great minds steve :)
In my opinion, Both - because a router helps you *route* incoming IP packets to multiple pc's in your home, as well as block them at a central point of entry, your DSL or cable modem. And if you run NAT, you only need one IP address from your ISP if you have more than one networked pc in the house.

But a router doesn't protect individual pc's from infecting one another on the inside network, particularly if one of them gets trojaned. That's where desktop firewalls come in, to protect your individual pc's from any hostile activities that might be happening behind your routers "wall" to the outside internet.  It's a mult layered approach. One H/W firewall (Your router) and S/W Firewalls (your Desktop Firewalls).

it's easier to envision the overall linking as:

       Your ISP
      Your Modem
     Your  Router
     Your Network Switchs/hubs/cabling
      |                |
S/W Firewall    S/W Firewall
     |                 |
  PC#1              Pc#2


The point goes to steven ... ;-)
The zonealarm firewall provide security from the inner network - imagine you get a trojan loaded on your PC. The Router will never know, as all packets are coming from the inside and so are "secure". Only zonealarm (or another) is watching your PC (and has the system-rights to do so) and "knows", what application started the process (and only YOU know, if the application may do so) and can block it before nasty work spreads all over the world

regards Holger
?????????didnt I say that??????????????
yeah yeah .. *bow* .. calm...

you said, that he'll need both: Router and firewall - steve just explained why that's so neccessary...

You'll better know than me, that customers will be more satisfied if they really beleive in the solution ;-)

LOL, but first counts just as much if not more :-)
The lines between a router and firewall are getting pretty blurred. As a lot of routers now days incorporate firewall functions, and firewalls provide what in the past have been mostly router functions. The difference between wanting one or the other, or both really boils down to the level of control you want for routing, and firewall functions.

If security is the top priority with a little port forwarding a lot of firewalls are more than capable of doing that, but if you need real routing capabilities like to route between multiple networks you are probably going to need a router. The only way to really tell if you need one, or both is list your needs, and see if just a firewall or router can provide for all of them. If one can handle it all, there really is no advantage of having both. Since if your needs change latter, you can always add the other, so I see no big advantage to having both to start if you really don’t need them.