Re: Software Firewall
- From: "K2NNJ" <ktwonnj@xxxxxxxxxxxxx>
- Date: Sun, 26 Feb 2006 23:49:12 -0500
I was previously using a Netgear FR114P. From their website the only
difference I can see between the two is:
1. It's obviously not wireless and,
2. It's ICSA certified
Other than those two is there a difference?
Thanks,
"Duane Arnold" <NotMe@xxxxxxxxx> wrote in message
news:c5tMf.4713$5M6.1352@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
K2NNJ wrote:
So i'm good with what I got?
If you're not doing the high risks things with the router like port
forwarding, then you should be OK. I see the router does have SPI and
that's good and some other security features. For downloading things that
you have indicated in your post, it's not a FW's job to be concerned about
it. But most PFW(s) have some kind of application control that will alert
on dubious applications that could be installed on your machine and ran.
That feature can easily be defeated and I have disabled that feature on
the laptop PFW that I use on the road. It's a worthless feature IMHO and
I use other tools from time to time to tell me what is happening on the
machine.
While I am at home, the FW appliance I use provides all the protection in
stopping inbound and outbound traffic between LAN to LAN, LAN to WAN and
WAN to LAN by port, protocol or IP and also logs all inbound and outbound
traffic by WAN and LAN IP(s). If your router can stop inbound and outbound
and there are those routers that are packet filtering FW routers that
also have logging of traffic that can do it, then you're good to go wired
or wireless. You don't need a PFW period.
However, you have a wireless solution and I don't think the router can
stop outbound. Because it's a wireless solution, someone could hack the
wireless, join your network and be all over the top of your machines wired
or wireless. For that reason, you might want to keep the PFW(s) on the
machines setting rules to only allow traffic between the approved IP(s) on
your LAN between the machines.
PFW(s) and other packet filter solutions at the machine level have their
place in the protection as long a they don't bring complication to the
picture. As far as some kind of file download protection, that's not any
FW's job period.
If you're comfortable without the need of a PFW or some other packet
filter that can stop outbound behind the router, then go without the PFW.
On the other hand, I myself would prefer to have a router that at least
meets the specs in the link to be fully comfortable without the need of
something supplementing the router. It's just my my opinion on it and some
have a completely different view on it. It's something you're going to
have to decide as to what's best for your needs.
http://www.firewall-software.com/firewall_faqs/what_does_firewall_do.html
Duane :)
"Duane Arnold" <NotMe@xxxxxxxxx> wrote in message
news:Ji4Mf.3639$S25.861@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Woody wrote:
The software firewall will give you a heads up if you happen to download
something that decides to send your information to the world.
Personal FW's have that trash in them. Host based network FW's, packet
filtering FW routers and FW appliances have no such trash. Some would say
that a PFW is not a FW since it doesn't separate two networks and is only
machine level protection when it does its job as some kind of packet
filter and not using all the other bloat trash in PFW solutions.
Duane :)
.
- Follow-Ups:
- Re: Software Firewall
- From: Duane Arnold
- Re: Software Firewall
- References:
- Software Firewall
- From: K2NNJ
- Re: Software Firewall
- From: Woody
- Re: Software Firewall
- From: Duane Arnold
- Re: Software Firewall
- From: K2NNJ
- Re: Software Firewall
- From: Duane Arnold
- Software Firewall
- Prev by Date: Re: Reliability of Networking Hardware?
- Next by Date: Re: Reliability of Networking Hardware?
- Previous by thread: Re: Software Firewall
- Next by thread: Re: Software Firewall
- Index(es):
Relevant Pages
|
