readyyy
asked on
Is ICF recommended when a hardware firewall is available?
Hello
In my network, i have a Cisco Hardware Firewall.
I use Windows XP Service Pack 2 as my client computer. Should i use the ICF, the Hardware Firewall, or both?
Does ist cause problems it i use the Hardware Firewall and ICF together? On which OSI Layer does ICF operate?
In my network, i have a Cisco Hardware Firewall.
I use Windows XP Service Pack 2 as my client computer. Should i use the ICF, the Hardware Firewall, or both?
Does ist cause problems it i use the Hardware Firewall and ICF together? On which OSI Layer does ICF operate?
http://www.protocols.com/pbook/tcpip1.htm This can help you understand what applications use certain layers, but with tcp you can think of a port being allowed on a firewall as transport layer (3). The xp firewall is able to block on all layers (broadcast's etc...) Technically you can allow things like dhcp bradcast's and icmp etc... so it will allow on layer2 as well.
-rich
-rich
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
True, the "gray-area" is that it can block layer2 broadcasts, and 3, which will null the other layers as no handshake can take place without layer 3 or above, and it's able to block UDP no problem as well. Again it has no grainular control, it's either an open port, or a closed port- it can't filter on anything more than that(icf that is).
-rich
-rich
You can use both, it's no harm. Windows firewall is great blocking traffic, but it's not a configurable as other firewalls, meaning you can't allow certain ip's in and deny all others, it's really an all or nothing blocker. You allow a port, and any device can connect to that port. A hardware firewall or even commercial software firewalls allow you to configure the control alot more typically.
-rich