Sign in with
Sign up | Sign in
Your question

Software and hardware firewalls do I need both?

  • Routers
  • Hardware
  • Firewalls
  • Software
  • Networking
Last response: in Networking
October 23, 2006 4:25:42 PM

If im running a rouyter that has a built in firewall do I still need to run a software firewall such as Zone Alarm??

More about : software hardware firewalls

October 23, 2006 7:36:19 PM

It really depends on how much security you want on your PC.

The good thing about host based (software) firewalls is you can control program access to the network/internet. The firewall built into your router can only block inbound/outbound ports/hosts. By default your router probably blocks all inbound requests and allows all outbound requests. If you get a trojan installed on your computer which creates a connection (if your computer creates a connection it is an outbound connection and any data can be sent in either direction while that connection stays alive) to an irc server in china, any command sent back by the remote computer can be ran from your machine.

If you had a software firewall such as zone alarm, when you first install it you can set the security to "high" or allow access to only defined programs and deny to any others. This is the best way to go although it can be annoying when you install a new program (or game) that needs access to the internet, you must allow access for this program.
October 24, 2006 3:23:49 AM

Is this true for all hardware routers? Or just the cheap ones that come in your basic $50 home router?? Are the firewalls in the small business type routers like the Linksis Rvs4000 any better??
Related resources
October 24, 2006 11:08:59 AM

Router firewalls can only be generic and small firewalls. They must allow most of the traffic in. They usually only block IP's and ports. Software firewalls on your computer can be tailored to admit/deny specific connections and programs.
October 25, 2006 3:35:50 AM

The Linksys RVS4000 and WRVS4400N can block various IM and Peer-to-Peer applications by name (i.e. Yahoo, MSN, etc) and like most non-pro firewalls, can block specific ports. As others in the thread mentioned, you can also use a software-based firewall on your PC to provide even more flexibility in blocking PC host applications. I use McAfee Security Center since it is an all-in-one (Firewall, Spam, Anti-Virus, etc) and I get the home license free through my office. No brainer.
October 25, 2006 4:15:12 PM

Even for home users, I would recommend some implementation form of defense in depth. Any good firewall out there should be stateful. There are some firewalls that can do deep inspection but you need to shell out a lot of money for them.