jamroc2000
asked on
Softwware Firewalls Completely Unnecessary and simply waste resources
I am told by a pretty well respected person in the computer/video industry that HARDWARE firewalls are absolutely essential, however SOFTWARE firewalls are a COMPLETE waste of money, resources and time. They do nothing, have never done anything to justify their existance.
He travels the world 3 weeks out of the month and when asked who is his ISP when staying at hotels and such he rattled off a list I've never heard of, but he adamently says that hands down nothing beats Norton to completely protect a machine no matter when, how, where, why is it connecteced to the Net. He travels without a Hardware firewall and maintains the same thoughts whether plugged into the company network directly at the offices or when in South Korea at a hotel.
He also insists that Norton barely touches system resources (I'm told Norton uses up to 30% when it gets busy).
Anyone have any comments to resolve this? Should I get rid of my software firewall? Should I switch to Norton? I have been using EOD32.
Thanks!
He travels the world 3 weeks out of the month and when asked who is his ISP when staying at hotels and such he rattled off a list I've never heard of, but he adamently says that hands down nothing beats Norton to completely protect a machine no matter when, how, where, why is it connecteced to the Net. He travels without a Hardware firewall and maintains the same thoughts whether plugged into the company network directly at the offices or when in South Korea at a hotel.
He also insists that Norton barely touches system resources (I'm told Norton uses up to 30% when it gets busy).
Anyone have any comments to resolve this? Should I get rid of my software firewall? Should I switch to Norton? I have been using EOD32.
Thanks!
I'm sorry but I greatly disagree with your friend. THe one thing I do agree on is that Hardware firewalls are better than software firewalls but software firewalls arent a complete waste of money. I have been using zone alarm for 4 years before I got my first router (and I turned that hardware firewall off because it was causing problems) and have never been hacked. Norton is by far the worst program I would reccomend anyone because of the resources it takes up. It can take up-to 50% of the resources at the time. I'd stick with the program you use, although, i ve never heard of EOD,do you mean NOD32? One good firewall, I would also reccomend Zone alarm because of my expierience with it. However, the decision is decided all upon personal preference.
I absolutley agree with the information you received that a Software firewall is a waste of money. The False sense of security that comes from most of these preloaded "security" software suites is a joke. I can not begin to tell you how many computers I have repaired from clients who said "but I was using my security software..."
The only true security is that which comes from a Hardware Firewall that provides true D.O.S.
buying the software, downloading the free ones, waste of time and money.
Besides you can purchase a very good firewall+router+multiport switch+wireless access point(all one unit) for under 200 bucks
The only true security is that which comes from a Hardware Firewall that provides true D.O.S.
buying the software, downloading the free ones, waste of time and money.
Besides you can purchase a very good firewall+router+multiport switch+wireless access point(all one unit) for under 200 bucks
Like most things in life, there is no one good solution for everyone :)
Norton works well most of the time, but I have seen it go haywire on some systems and bog them down completely. If it works for you and your friend, no need to change, but if you have problems.... try a different product.
HW vs SW firewalls - they can both be equally effective. Hardware firewalls don't use any system resources, but software firewalls use hardly any, and cpu time is almost free. Hardware firewalls are not as likely to be turned off by malware, but again, if it works for you, both are OK. Software firewalls travel with you and your laptop. The difference is mostly in the details.
If you keep your system patched and use safe computing pratices, the fact is that you'll barely need either a firewall or an AV program.
To each his own...
Norton works well most of the time, but I have seen it go haywire on some systems and bog them down completely. If it works for you and your friend, no need to change, but if you have problems.... try a different product.
HW vs SW firewalls - they can both be equally effective. Hardware firewalls don't use any system resources, but software firewalls use hardly any, and cpu time is almost free. Hardware firewalls are not as likely to be turned off by malware, but again, if it works for you, both are OK. Software firewalls travel with you and your laptop. The difference is mostly in the details.
If you keep your system patched and use safe computing pratices, the fact is that you'll barely need either a firewall or an AV program.
To each his own...
ASKER
Yes - I meant NOD32, not EOD32...onethiong I like about is practically daily updates. My friend says Norton releases virus updates EVERY DAY but I sure can't seem to find them. Updates to me are one of the most important defenses we have, no?
ASKER
OC2Vegas: By security software I assume you include Norton and McAfee and all of thise, correct?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It depends on what you mean by software firewall. Hardware firewalls are a must but application firewalls are another great tool to have. Dont know if you are reffering to application firewalls but I can tell you that app firewalls will also let you know when an application attempts to run or make connections. This is important because if you are infected with Trojan viruses, the app firewall will detect the process attempting to run and you can prevent data leaks. Most definitely hardware firewalls are you first line of defense to the outside. Maybe add a desktop or app firewall in addition to stengthen your security.
The man hasn't a clue as to what he is talking about.
Software firewalls do one major task that most limited function router/slash so-called firewalls do not do - control what goes out of a computer. Some software firewalls can also lock down a machine so application changes can be detected and blocked. Software firewalls also do port blocking and without this function alone you are bound, sooner or later, to get nailed by malware.
I'm not impressed by Symantec's AV/Firewall product line. Too bloated with old code, too cpu intensive, and too dificult to administer for most users. And their AV product is not that great for spyware/adware. I don't think there is a good product out there right now, quite frankly. If I had to pick one for my personal use I'd say BlackICE in combination with Zone Alarm. And I use a packet sniffer when installing any new applications to see who and what they talk too.
Software firewalls do one major task that most limited function router/slash so-called firewalls do not do - control what goes out of a computer. Some software firewalls can also lock down a machine so application changes can be detected and blocked. Software firewalls also do port blocking and without this function alone you are bound, sooner or later, to get nailed by malware.
I'm not impressed by Symantec's AV/Firewall product line. Too bloated with old code, too cpu intensive, and too dificult to administer for most users. And their AV product is not that great for spyware/adware. I don't think there is a good product out there right now, quite frankly. If I had to pick one for my personal use I'd say BlackICE in combination with Zone Alarm. And I use a packet sniffer when installing any new applications to see who and what they talk too.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Q: Which is better an airplane or an automobile?
A: Depends on where you are going.
"Better" is so subjective and application specific. Most IT security pros will recommend DiD (defense in depth - from wikipedia "Likewise, in information security defence in depth represents the use of multiple computer security techniques to help mitigate the risk of a one defence being compromised or circumvented. An example could be anti-virus software installed on individual workstations when there is already virus protection on the firewalls and servers within the same environment. Different security products from multiple vendors may be on different vectors within the network, helping prevent a shortfall in any one defence leading to a wider failure.")
So it comes down to cost-benefit analysis. Can you afford a hardware firewall + a software firewall? Good do both. Is it worth the hassle of lugging around a hardware firewall? No? Use a software firewall. Can't afford a professional software firewall, use XP built in.
The most secure computer in the world is locked in a vault and never turned on. Not very useable though... ;-)
Add as much security as you can but remember that the computer is a tool; if you can't use it, not much good.
A: Depends on where you are going.
"Better" is so subjective and application specific. Most IT security pros will recommend DiD (defense in depth - from wikipedia "Likewise, in information security defence in depth represents the use of multiple computer security techniques to help mitigate the risk of a one defence being compromised or circumvented. An example could be anti-virus software installed on individual workstations when there is already virus protection on the firewalls and servers within the same environment. Different security products from multiple vendors may be on different vectors within the network, helping prevent a shortfall in any one defence leading to a wider failure.")
So it comes down to cost-benefit analysis. Can you afford a hardware firewall + a software firewall? Good do both. Is it worth the hassle of lugging around a hardware firewall? No? Use a software firewall. Can't afford a professional software firewall, use XP built in.
The most secure computer in the world is locked in a vault and never turned on. Not very useable though... ;-)
Add as much security as you can but remember that the computer is a tool; if you can't use it, not much good.
Prioritising risks to access is useful when assigning machines to connections and end users where a limiting budget may not get you the latest bug free architecture. Data content and flow with, most definitely, a need to know requirement is time honoured as is continued computer security education with well meaning end users. However, some secrets are better left to D.O.S. rather than published.