Re: Hardware Firewall??
From: Chuck (none_at_example.net)
Date: 08/26/05
- Next message: Nicky: "Re: NAT is not a mechanism for securing a network.. but.. HELP!"
- Previous message: Nicky: "Re: NAT is not a mechanism for securing a network.. but.. HELP!"
- In reply to: Ralph Höglund: "Hardware Firewall??"
- Next in thread: Volker Birk: "Re: Hardware Firewall??"
- Reply: Volker Birk: "Re: Hardware Firewall??"
- Reply: Frankster: "Re: Hardware Firewall??"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 26 Aug 2005 09:52:05 -0500
On Thu, 25 Aug 2005 07:50:25 GMT, Ralph Höglund <ralphot@telia.com> wrote:
>What is the difference between a "hardware firewall" and
>a "software firewall"?
>
>If there is a difference why does everybody say that the hardware
>one is better?
>
>In my opinion the hardware firewall is the shield/wall between the engine
>compartment and the driver/passenger seats in a car!
>
>I can not see that hardware can protect against attacks from Internet.
>
>Is a firewall built into a router a hardware or software firewall?
>
>I have a Freesco router and software firewall running in hardware!
>
>Ralph in Sweden

Ralph,

A "software" or "personal" firewall runs on the computer that it's protecting,
and protects only that computer. A "hardware" firewall runs on a separate piece
of equipment, and provides perimeter protection, to a group of computers.

Both hardware and software firewalls require an operating system. The hardware
firewall contains a stripped down operating system, that provides only the
ability to examine, and to move, packets between the interfaces (WAN and LAN),
and maybe a small web server that allows you to make configuration changes.
The software firewall uses an operating system that lets you use your computer
for non-firewall purposes, and make changes to reflect how you want to use your
computer.

There are advantages and disadvantages to both. Saying that one is better than
the other is like saying Coke is better than Pepsi, or Chevrolet better than
Ford.

Hardware Firewall.

# Advantages: Smaller and more efficient. Contains less code to exploit.
Contains minimal code that can be exploited by the user. Filters malicious
incoming traffic before it hits the protected computers. Has a dedicated
processor, and dedicated storage, which when in use does not impact use of
protected computers.

# Disadvantages: Has no knowledge of programs running on the protected
computers, so can't effectively filter outgoing traffic. The dedicated
processor, and dedicated storage, is finite in capacity, so must be carefully
chosen for the intended workload. Can be exploited by overload. Requires one
more power connection, and one more network cable. Hardware is not easily
upgradable, except by replacing the firewall itself.

Software Firewall.

# Advantages: More configurable. Since it sits on your desktop, you can make
changes at will. Since it can hook into the operating system, it knows what
programs are running there, and can protect accordingly. Provides individual
protection - if one computer in the LAN gets infected with malware, all
computers running a software firewall are protected. Is easily upgraded, by
adding hardware to the protected computer.

# Disadvantages: More configurable. Since it sits on your desktop, you can make
changes at will. Uses processor power, and storage, which may compete with use
of computer, causing tuning needs, and temptation to disable features. Can be
exploited, thru its many features. Malicious incoming traffic is filtered only
after it hits the computer, and the operating system.

A Freesco firewall appears to be a personal firewall, running on a (hopefully)
dedicated computer running Linux. Linux is an operating system, and has the
features of an operating system. How do you use the Freesco box? Does it
contain any applications, such as a web browser or text editor? Does it support
a monitor and keyboard, or do you configure it thru a web browser? When you
load Freesco, does it strip down the features, to make it more like the
operating system in a "hardware firewall"? All of these questions determine how
versatile it is, and how exploitable it is.

--
Cheers,
Chuck
http://nitecruzr.blogspot.com/
Paranoia is not necessarily a bad thing - it's a normal response from experience.