More than one firewall needed? - Network

This is a discussion on More than one firewall needed? - Network ; Howdy, We have a 5 node net in our small office. We do Internet through a cable modem, and then share through a router. That router has a built-in firewall. Prior to getting the cable modem, we had been dialing ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: More than one firewall needed?

  1. More than one firewall needed?


    Howdy,

    We have a 5 node net in our small office.

    We do Internet through a cable modem, and then share through a router.
    That router has a built-in firewall.

    Prior to getting the cable modem, we had been dialing up, and had
    ZoneAlarm on each system.

    Now that we have the hardware router with its firewall functionality,
    is there any benefit to keep running the software firewall on the
    individual systems?

    Thanks for any information about this,

    --
    Kenneth

    If you email... Please remove the "SPAMLESS."

  2. Re: More than one firewall needed?


    "Kenneth" wrote in message
    news:ldijm0529fnjpis3v8vq3kkdv9s7q8i0sj@4ax.com...
    >
    > Howdy,
    >
    > We have a 5 node net in our small office.
    >
    > We do Internet through a cable modem, and then share through a router.
    > That router has a built-in firewall.
    >
    > Prior to getting the cable modem, we had been dialing up, and had
    > ZoneAlarm on each system.
    >
    > Now that we have the hardware router with its firewall functionality,
    > is there any benefit to keep running the software firewall on the
    > individual systems?
    >
    > Thanks for any information about this,
    >
    > --
    > Kenneth
    >

    Hi Kenneth,

    i would suggest that you keep your software firewall onn each machine. The
    rationale being that, I assume, you have no control over what material each
    user downloads. If one of them downloads something malicious, it could
    then attack any unprotected user on your internal network.

    Kind regards, Mike.



  3. Re: More than one firewall needed?

    "Kenneth" wrote in message
    news:ldijm0529fnjpis3v8vq3kkdv9s7q8i0sj@4ax.com...
    >

    [snip]
    > Prior to getting the cable modem, we had been dialing up, and had
    > ZoneAlarm on each system.
    >
    > Now that we have the hardware router with its firewall functionality,
    > is there any benefit to keep running the software firewall on the
    > individual systems?


    Are you sure the hardware router has sufficient control mechanisms to
    control the traffic going through it?

    There are enough hardware routers with a firewall that only block very basic
    treats and a desent firewall behind it is not a luxery.

    Here I have a ADSL router (not acting as a router, but rather a modem) with
    an integrated packet filter that can be configured (looks like a simple
    ipchains). It provides blocking for a lot of traffic on the netbios ports.
    Behind is a software firewall that inspects the traffic and enforces a
    really strict policy. The software firewall is also a lot more flexible.

    [snip]



  4. Re: More than one firewall needed?

    HI
    You benefit by haveing out bound protection.

    On Sun, 10 Oct 2004 19:48:54 -0400, Kenneth
    wrote:

    >
    >Howdy,
    >
    >We have a 5 node net in our small office.
    >
    >We do Internet through a cable modem, and then share through a router.
    >That router has a built-in firewall.
    >
    >Prior to getting the cable modem, we had been dialing up, and had
    >ZoneAlarm on each system.
    >
    >Now that we have the hardware router with its firewall functionality,
    >is there any benefit to keep running the software firewall on the
    >individual systems?
    >
    >Thanks for any information about this,
    >



  5. Re: More than one firewall needed?


    "Serial # 19781010" wrote in message
    news:0umpc1tud2h5r832lu4dh26pi3126vr6g4@4ax.com...
    > HI
    > You benefit by haveing out bound protection.
    >
    > On Sun, 10 Oct 2004 19:48:54 -0400, Kenneth
    > wrote:
    >
    > >
    > >Howdy,
    > >
    > >We have a 5 node net in our small office.
    > >
    > >We do Internet through a cable modem, and then share through a router.
    > >That router has a built-in firewall.
    > >
    > >Prior to getting the cable modem, we had been dialing up, and had
    > >ZoneAlarm on each system.
    > >
    > >Now that we have the hardware router with its firewall functionality,
    > >is there any benefit to keep running the software firewall on the
    > >individual systems?
    > >
    > >Thanks for any information about this,


    Your router probably does nothing but provide a NAT boundary. In other
    words, it prevents outside machines from making independant unsolicited
    connections to your desktops.

    That's it.

    It doesn't stop a trojan from connecting out and giving full access to your
    machine. It doesn't prevent malicious web scripts from compromising the
    machine. It doesn't prevent virus payloads executing within your network
    from attacking the other machines within your network.

    Software firewalls, when they are working and *correctly configured* do all
    this for you. They can also prevent users from doing some things you may
    not want them doing at the company.

    -Russ.



+ Reply to Thread