Sign in with
Sign up | Sign in
Your question
Solved

Do I need a Firewall when I use a router?

Last response: in Networking
Share
September 18, 2009 5:24:43 PM

I've come across something interesting while researching about the Windows firewall, talking about whether or not to use a firewall. I quote, "You really ought to have a router doing NAT anyway, and never forward all traffic, only the traffic you need. And then you kinda don't need an inbound firewall either." What the hell is NAT and how do I make sure I forward only the traffic I need?

More about : firewall router

September 19, 2009 3:56:42 AM

NAT stands for Network Address Translation. Unless your PC is connected directly to the Internet, you most likely are using NAT which is provided by the router. For example, if your router's IP address is 192.168.1.1 and your PC's IP address is 192.168.1.2, then your router provides NAT functionality.

Most routers are firewalls. You normally configure them to meet your security requirements if the default settings are not appropriate. You definitely want a firewall (router, software on your PC or both).
m
0
l
September 19, 2009 4:17:59 PM

most routers CAN be firewalls is more accurate. quite a few of the routers i have seen require you to subscribe to a service in order to use the built in firewall.
m
0
l
Related resources
September 19, 2009 4:30:31 PM

The NetGear, Linksys and Cisco routers that I use all are firewalls and I don't need to subscribe to a service to use the firewall.
m
0
l
September 19, 2009 5:53:28 PM

I was just wondering if a router is also a firewall its self and if that is sufficient. I read elsewhere that if your traffic is forwarded properly then you don't need a software based firewall.
m
0
l
September 19, 2009 8:31:43 PM

That's correct, but using a good anti-virus still is recommended. Having a software firewall on your PC can't hurt, but it becomes less useful in a NAT environment if the router also is a decent firewall (most are quite good).
m
0
l
September 20, 2009 6:50:08 AM

Your router probably has a firewall in the firmware. You will need to log into the router using your web browser to set it up though. Additionally, if you are connecting via a wireless router, then you will also be using the router as a hardware firewall automatically.

Running an additional software firewall on each connected computer is always a good idea as an additional line of defense.
m
0
l
September 20, 2009 6:20:47 PM

See, I hate software based firewalls. I wish they could just be installed and boom, they automatically work. They're to confusing, annoying pop ups, and I think they cause lag.
m
0
l
September 20, 2009 7:03:24 PM

Malware scanners will definitely create lag. My software firewall doesn't cause lag however, it only blocks certain kinds of traffic to certain areas of the network. It doesn't touch or affect the kind of traffic it's set to ignore.

If you're going to rely on just the firmware in your router as a firewall, take the time to be sure you've correctly configured it. It will be your only line of defense.
m
0
l
September 21, 2009 7:07:47 PM

We need to remember that hardware-based firewalls, such as SOHO firewall boxes, routers, etc have their limitations. Their real strength is in dealing with incoming traffic. Where they fail is outgoing traffic. For example, an infected computer inside a network will continue to infect other computers in the netwok, and unfortunately the kind of protection that a hardware-based firewall provides cannot stop or prevent these kind of attacks. That's why I believe that a software-based firewall is important to have; I have begun to think of hardware-based routers as a "first line of defense".
m
0
l

Best solution

September 21, 2009 7:37:02 PM

ncarlson said:
We need to remember that hardware-based firewalls, such as SOHO firewall boxes, routers, etc have their limitations. Their real strength is in dealing with incoming traffic. Where they fail is outgoing traffic. For example, an infected computer inside a network will continue to infect other computers in the netwok, and unfortunately the kind of protection that a hardware-based firewall provides cannot stop or prevent these kind of attacks. That's why I believe that a software-based firewall is important to have; I have begun to think of hardware-based routers as a "first line of defense".


Agreed. Ozzman24, are you running multiple workstations on your LAN or are you primarily concerned with a single PC's internet connection?
Share
!