Software or hardware firewall

Posted on 2011-04-28
Last Modified: 2012-05-11
Hello All,

I'm going to be colocating several servers pretty soon and wanted to know if a Norton Firewall is sufficient to protect my data.  Is there anything that a hardware firewall can do which a software one cannot?  After all, hardware firewalls run on software.  Where's the added security for all that added cost?
Question by:Phil5780

    Accepted Solution

    Hardware firewalls allow you to take that processing away from the server that you are protecting.  Each time you deny a packet based on a firewall rule you are going to be using system resources to check each and every packet that the machine receives.  Plus you are going to inspecting traffic from your own LAN when doing local transactions with the server.  If you are not greatly worried about the traffic or you have a faster machine you can probably go the software route as most firewalls run with 400MHz processors.  Depending on the solution you chose there can be added benefits when choosing a firewall.

    If you have an extra machine around I suggest using ClearOS which is a linux operating system with a web management front-end.  It'll be cheaper than both options (provided you have the extra machine).
    LVL 5

    Assisted Solution

    Hi Phil

    Software firewall should do you just fine however I would steer clear of Norton Products unless you want huge load on your servers. The builtin Windows firewall will suffice for most instances especially on 2008 Servers it just works and works great.

    Brett Smith
    One IT NZ
    LVL 4

    Expert Comment

    I'm with InternetSquirrel for ClearOS, it's pretty good, but an extra box in a datacenter might be costly.

    do you have any control over the router that will mangage your public IP's ?
    You might be able to setup access lists there that only allow certain traffic to the IP's of your servers.
    (it might also be offered as a service).
    LVL 67

    Expert Comment

    This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.

    Featured Post

    Maximize Your Threat Intelligence Reporting

    Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

    Join & Write a Comment

    Suggested Solutions

    We sought a budget ($5,000) firewall solution that would provide all the performance we needed with no single point of failure.  Hosting a SAAS web application in our datacenter, it was critical that we find a way to keep connectivity up and inbound…
    Hi All,  Recently I have installed and configured a Sonicwall NS220 in the network as a firewall and Internet access gateway. All was working fine until users started reporting that they cannot use the Cisco VPN client to connect to the customer'…
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    This video discusses moving either the default database or any database to a new volume.

    732 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    25 Experts available now in Live!

    Get 1:1 Help Now