Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Difference Between a Firewall and Layer 3 Switch

Posted on 2006-06-15
8
Medium Priority
?
889 Views
Last Modified: 2013-11-16
What is the difference between today's L3 Switches and a firewall?
0
Comment
Question by:dignified
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
8 Comments
 
LVL 10

Expert Comment

by:bbrunning
ID: 16916371
A layer 3 switch is similar to a router. Today most layer 3 switches have the capabilities to put your traffic where you need like a router. A firewall is usually meant to block or manage incoming and outgoing traffic similar to a router but more secure and customizable.
0
 

Author Comment

by:dignified
ID: 16916427
But a full featured managed switch can block certain incoming and outgoing traffic can't it?
0
 
LVL 4

Expert Comment

by:neoponder
ID: 16916608
Depends on the swtich and what it can do. The line is blurring between firewall/router/swtich. Most of them can do the some or all of the other.

i.e. cisco 3750 with Advanced Security IOS can act as nicly as a pix.  

Of course, it could be argued it does not do security as well as a $60,000 checkpoitn firewall cluster.

You have to decide on the level of security you need and look at the features of the device and see if they are there.  Like VPN, nat, Advanced access lists, etc.,

0
Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

 
LVL 4

Accepted Solution

by:
neoponder earned 200 total points
ID: 16916619
Also, useally non-firewall's are lacking in the SPI arena.  So they will not be able to detecet advanced attacks or worms, viruses etc.
0
 
LVL 10

Expert Comment

by:bbrunning
ID: 16916640
A full featured layer 3 switch can manage traffic inbound and outbound on a port to port (software and ahrdware) basis with access lists and everything.
In other words you can setup access lists and restrictions for port 3389 to only go through port 12 on your switch. Port 3389 meaning software port, port 12 meaning the actual physical port on the switch.
0
 

Author Comment

by:dignified
ID: 16917213
I see, seems that the SPI is the most important difference. I will look to get a firewall then.
0
 
LVL 10

Expert Comment

by:bbrunning
ID: 16917544
You can't really put a decision between a switch and a firewall. The firewall only serves a specific purpose. Either way you'll need a switch if you have a network.
0
 
LVL 10

Expert Comment

by:bbrunning
ID: 16917577
second though, was this a "small" home or office network you were talking about the whole time?
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question