Software Firewalls





Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Share tech news, updates, or what's on your mind.

Sign up to Post

i have entities like below


how to find corresponding  foreign special character.

Please advise
Simple Misconfiguration =Network Vulnerability
Simple Misconfiguration =Network Vulnerability

In this technical webinar, AlgoSec will present several examples of common misconfigurations; including a basic device change, business application connectivity changes, and data center migrations. Learn best practices to protect your business from attack.

Need help determining the OUTBOUND Windows firewall rule(s) necessary to allow the following command to be run FROM a Win2016 server. The issue goes away if the Windows firewall is set to "Allow" all OUTBOUND connections.

Get-WmiObject -ComputerName $RemoteComputer -namespace "ROOT\Cimv2" -Class Win32_ComputerSystem

Open in new window

When the outbound firewall is enabled, the result of this command is a "No such interface supported" error, and the firewall log shows "DROP TCP x.x.x.x y.y.y.y 50011 49154 0 - 0 0 0 - - - SEND". The "Windows Management Instrumentation (WMI-Out)" is enabled with it's default settings and being respected, as it's visible in the "Monitoring" rules. I've also pretty much tried all available predefined outbound rules with no success.
Currently we have TMG as web proxy and websense as web filtering
We are going to replace TMG with Bluecoat SG Appliance.

Hence I need to know which design is considered as best in terms of secure and efficiency.

We have 1500 users.

Any help would be appreciated.
Hi I wish to use the SDM or ASDM or CCP software & have been looking at the following 2841 cisco routers as they should be compatible.

I wish to know which one would be the best to purchase ?
I have been doing some research into setting up redundant ISPs on the PANs (Palo Alto firewalls), and it seems that if we don't want to run BGP for that site, the best alternative seems to be PBF.  Am I on the right track with that?  Are there other alternatives?
Hi Everyone

What is the best practice for gateways. For example we got blacklisted a while ago and public ip is still blacklisted on spam rats. It says about reverse lookup not being setup

the exact message "Does IP Address comply with reverse hostname naming convention". While letting my isp know we were told to liase directly with spamrats which i did but the ip has not been given ok by spamrats. I think that they want us to set reverse DNS on gateway.

1) What is the best practice for gateways?
2) What happens if i give it a name with my domain?
3) Does it interrupt my traffic?
4) Do i have to change my firewall rules based on the name change?
5) What all do i have to do to get this done?
6) What is the whole purpose of reverse dns on gateway as i was told by my ISP that they only setup if told by a customer to do so?
For PAN FW's OS upgrades in HA active/passive mode.  Can anyone point to the process steps?
Does it required to suspend HA first or doing passive first then failover to the active node?  
Please advice or point to the right link.  Planning to upgrade to the latest 8.0.8 release for PA-850 models.
I am receiving intermittent issues on a client server. After a while, users cannot access the internet or internal servers. Unfortunately, I am not on site and only have access to the logs as we need to restart the server before I can get there to minimise down time for all users.

Once the server is restarted, all users can access the internet/internal servers/share drives etc.

This has only come up over the couple of months randomly. Previously the DNS servers on the server had another IP which is the virtual server NIC (nic 2) and the TCP/IP V4 DNS had The 169.x.x.x has been removed and the has been changed to

Would really appreciate what else I should be looking at as this has me stumped. Are there any ports on the firewall that need to explicitly be open?

The errors at the times of the issue commencing is Netlogon error 5774 entries. I have copied one below however have slightly changed the DNS record of the internal domain name. The IP Address is the Server 2012 R2 DC. It is the only one on the network.

The dynamic registration of the DNS record 'DomainDnsZones.DOMAINNAME.local. 600 IN A' failed on the following DNS server:  

DNS server IP address:
Returned Response Code (RCODE): 0
Returned Status Code: 10054  

For computers and users to locate this domain controller, this record must be registered in DNS.  

Determine what might have caused this failure, …
Ok can someone please explain how to get my VPN IP pool talking to my inside network. Everything works fine using any connect VPN client. Assigns IP address but I can not ping inside subnet and the firewall itself cannot ping the VPN IP pool address .

update: ok now the firewall can ping connected client in the VPN IP Pool address and it can ping the internal (inside) network but the VPN client cannot ping the inside subnet.

My goal here is to be able to launch ASDM to administer the firewall from afar. Any help would be appreciated..
Looking for the security of a Web Application Firewall, with the least amount of work.

I have been told I needed a Web Application Firewall (WAF) and wonder if it's smarter to use a Web Cloud based WAF? It's for a .NET MVC App. running on IIS.

It sounds like it's a smart way to get security, without first needing to become an expert in it. And to know they are always on the lookout, making their system more secure, would let me rest easier.

Any good names you can recommend?

Also, how difficult is it to "build our own?" What kinds of customization capabilities would we lose, if we went with a Cloud based version?

How long might it take to deploy a cloud version of the WAF?

If I wanted to use AWS, for example, must I also host my website with AWS?

The Lifecycle Approach to Managing Security Policy
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

We have Watchguard m400. The firewall is blocking EXE download. I want to allow only help desk to be able to download EXE, drive etc. How can i do this ?

My OS is win10 pro 64 bit.  Due to recent security hacking on my pc, I am thinking if NordVPN would provide the security preventing everyone from entry.  I have Avast Premier protection.  Or can I use ZoneAlarm or some other software.  Thank u and regards.
i currently have a watchguard firebox with UTM and using vmware.
im currently upgrading the environment to the latest vmware and nsx.
is it recommended to eliminate the watchguard and ONLY use NSX?
Checkpoint R 75.46

I have installed smart center on one VM and trying to connect from one host machine via smart dashboard.

I am getting an error attached.

I can ping to smart center server and telnet on port 18190.
Dear Expert,

I will shut down my Checkpoint Firewall R77 and Hitachi San (model: HUS130) . Could you please provide a startup and shutdown procedure for Checkpoint and HItachi SAN manual. In addition, Will share your experience for shutdown /startup process. Thanks
I work in a hospital. We use the Stratus iPad app for interpretation.  We have a guest internet circuit that these iPads are on.  The circuit was recently upgraded from 35 Mbps to 100 Mbps. No other changes that i know of. Around that time the Stratus app stopped connecting. There is an asa 5505 on this circuit, but only default config is enabled.

 I took the ipad home and the app worked fine on my home wifi.  I ahve contacted the vendor and our ISP. Both claim it must be a firewall issue, but nothing has changed.  Any ideas?
I use FreeBSD ipfw, I want to measure current speed in bytes per second and packets per second for monitoring.
If I have a pipe and two queues in it, ipfw doesn't give current speed when executing 'show'. If I try to measure speed by counters (ipfw rules), I don't get real speed because counters measure queue input, some packets can be dropped in queue or pipe.
Please, help.
I have a ubuntu server on wan. i can connect to it via ssh from windows on another ip rang.
my clint not ping it and i can't ping my client from server.
how to use X app from server i install xinit and x app on server .
firewall is disabled on ubuntu server.
Managed Security Services Webinar - March 15
Managed Security Services Webinar - March 15

Selecting the right managed security services platform to grow your business can be a huge undertaking. Join WatchGuard and Frost & Sullivan in an upcoming webinar as we dive into the key elements of selecting a vendor platform and partnership to fuel a successful MSSP business.

Are there any well-known repercussions related to disabling NetBIOS for my workstations. There is a lot of broadcast chatter I’d like to eliminate. Also, many of the workstation firewalls are blocking UDP 138 and 137. This blocking combined with the broadcasts results in security logs that are being written to four times a minute per workstation. Quite a lot of work for nothing possibly?

I disabled netBIOS on one workstation and I’m not seeing any issues yet. Is it OK to disable it networkwide?
PFSense v. 2.2.4, connected to a Comcast circuit with 30 down, 15 up.  A computer connected directly to the PFSense tests speeds at right about 30 / 15.  But if a switch is introduced, the speed drops to 2-4 / 10-12.  Several switches have been tried - all 10/100/1000, none managed or manageable.  Several computers have been tried.  Same result with each.  In each case only the testing computer and the PFSense were plugged into the switch - no other devices.  In the PFSense, the LAN interface is set to automatic and shows a connection at 1000 BT, full duplex.  What could possibly be happening that slows the internet down so significantly simply by virtue of introducing a switch?  And it should be noted that upload speeds are still good, it's just download that drops down significantly.   I do realize that the PFSense needs to be updated to a more recent version, and I will do that, but since the speed is just fine when the computer is directly connected I really don't think the version upgrade is the issue.  Any ideas are appreciated!
Many windows 7 workstations on the LAN have full security event logs. The issue is from many netBIOS broadcasts that are being blocked by the Windows firewall and then logged as an Audit Failure.

Why are all workstations broadcasting to each other so much that the logs are filling?
Is the broadcasting normal behavior?
Will it break the network if I disable or block netBIOS from all workstations? I do use the c$ share remotely.
Possibly the firewall shouldn't be blocking this?

Tons of questions because I want to understand this behavior. Thanks!


The Windows Filtering Platform has blocked a packet.

Application Information:
      Process ID:            4
      Application Name:      System

Network Information:
      Direction:            Inbound
      Source Address:  
      Source Port:            138
      Destination Address:
      Destination Port:            138
      Protocol:            17

Filter Information:
      Filter Run-Time ID:      635422
      Layer Name:            Receive/Accept
      Layer Run-Time ID:      44
We have a cloud based firewall provided by our MPLS provider. They recently moved from Cisco to Fortinet. We are given access through a web dashboard.

I knew how to to this with the cisco but not the fortinet. I'm trying to create a rule/policy where i can group a few internal IP's together where they go out and use the same external static IP.

how to mute moto 4g plus camera.
when i take i hear click sound which i hate. i want silent camera. please advise

Was just wondering, what logging you enable on your ASA? I ma not sure what to send to my logging server.


Software Firewalls





Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Top Experts In
Software Firewalls