NooB asks: Is a router the only option for a hardware 'firewall?"

[Scurvy]

I just built a new PC - it is virgin white boys .... never been logged on to anything. It has the linksys 10/100 card. (I'm on work PC right now)

Time Warner is rolling out Roadrunner here next month - first time our town has ever had a real broadband option (unless you count DirecPC).

I want to make sure I "do it right." I'm a firm believer in doing it right the first time. From lurking about it appears a router seems to be the "right" answer when it comes to primary firewall. But, isn't a router designed to do just that ... route and switch, for multiple networked PC's? Isn't it a bit of hardware overkill for a single user, single PC on a cable modem??

So, being a complete idiot, I'm not afraid to ask: Is there an alternative hardware firewall to the router?

 

[cipher00]

You could use hub, if you really wanted to go hardware. Otherwise, a strong software firewall like Zonealarm (Pro) will help a lot, and you'll certainly need one. Others like Tiny.

 

[joelryan2k]

there are hardware firewalls but I've never seen any targeted at consumers. they're much more complex than the average joe needs.

You basically have the option of hardware router that does NAT or you can hook your computer directly to cable modem (no NAT). If you do this, you really should run a software firewall like zonealarm

A NAT router will effectively protect your computer from scanning/attacks but not all internet applications work with a router.

-- Joel

 

[jackwhitter]

a router is a cost effective option.. they make stand alone firewall units that you hook up between your outside and inside network. another option is to set up a 2nd computer as dedicated firewall (using linux or something like that.) this is similar to the dedicated firewall except, that you use consumer hardware.

 

[JackMDS]

It may be Overkill for a single computer.

But it is $50-$70 Overkill. (Scary, imagine volume of Junk food that you can buy for such amount).

With the right Router, you get:

1. Hardware firewall.
2. Printer Server,
3. DHCP.
4. Network and Routing capacity for the future.

There are no significant differences between most of the Entry level Cable/DSL Routers.

Conventional Wisdom claims: The Routing Trinity.

1. Netgear RT314
2. Barricade 7004ABR
3. Linksys BEFSR41

(The above are 4 ports, they have also 8 ports version, and same reviews apply).

Some Routers have an additional Printer Server, and DialUp Modem input for backup.

As long as you use the Router for regular Internet surfing, and files downloading it really does not matter which Router you buy.

What emerges, as a different between Cable/DSL Routers is Ports opening?

If you do extensive use, of online Gaming or you are running a server, or you use on line services like iRC etc. You need to open additional ports through the Router?s Hardware Firewall. You want to make sure that the Router that you buy has the flexibility to do port opening in the way you like it.

List of typical ports use by variety of applications can be found here.

Special Applications - Port List.

I would choose the one that has the features that fit the way you use the Internet (and may be it is on sale).

Table comparing these Routers.

Comparing Cable/DSL Routers.

Link of Courtesy of: TallGeese

 

[Vegito]

I'm actually using a netscreen 5xp unlimited as my firewall/router.. has dhcp, 3des encryption that I hook into my office... cost.. around 800 + extended warranty..

I have this hook into a switch.. switch into a wireless ap.. etc..etc.. I also own linksys 4 port wireless and a smc 4 port wired router..

the netscreen is very configurable.. 3des vpn tunnell,etc.. you get what you pay.. the smc works great too.. also linksys.. both smc & linksys has print server which is great..

the netscreen logs better.. ip, ports, etc,etc.. but dont spend over 800 bucks when a 80 dollar one can do.. dont do software firewall. why slow down your computer..

 

[Bglad]

With only one computer you don't need a print server, DHCP or network routing.

Second, a consumer router is NOT a firewall despite what it says on the box. A firewall inspects packets coming in. Routers do not do this. All they do is use NAT to separate your computer ip from the ip visible to the outside world. This is most likely all you need to protect yourself but there is a shortcoming. It will not be apparent what happened if something unwanted does get in and it will not alert you to what is dialing out from your computer i.e. viruses, trojans or just bloated software calling home. This is important because if something dials out from your computer, the firewall expects an answer and will accept it, whatever it is. The firewalls job is to block unrequested packets, not requested ones even if someone else told your computer to ask for it and not you.

Software firewalls are also more than likely all you'll ever need to be safe as well. There are several very good ones with free for home use versions.

The best solution for safety is a hardware router combined with a software firewall. But with only one computer, a router really isn't necessary and probably offers little protection over a software solution. I would just run ZoneAlarm, Tiny or Sygate. As soon as you get a second computer, it is time for a router because there doesn't seem to be any Windows software routing solutions that work very well. That is the point at which a router will really save you some time and aggrevation.

 

[L3Guy]

<< But, isn't a router designed to do just that ... route and switch, for multiple networked PC's? >>


You are confusing a NAT appliance with a router, just as the great marketing conspiracy wants you to.
The $70 boxes aren?t routers or firewalls in the corporate sense, but are a good solution to protect a home network.


<< Is there an alternative hardware firewall to the router? >>


Yes, err ... NO! Err ... marketing! Real routers cost hundreds of dollars. Stick with the SOHO "routers".

Just passing through.

Doug

 

[JackMDS]

>>>>The $70 boxes aren?t routers or firewalls in the corporate sense, but are a good solution to protect a home network.<<<

This week:

They are actually a $39.95 Boxes.

D-Link DI-704 Cable/DSL Internet Gateway w/Built-in 4-Port Switch.

 

[Iron Woode]

blah....


Just pick up a real cheap old pentium class PC say 120 to 233mghz. Put 2 nics 1 hdd 1 floppy 1 cdrom and a vid card or integrated video, a keyboard and monitor. You pick these things up used for under $100 easily. Put freesco on it and enjoy the benefits of dhcp, dns, a real firewall, and fast routing. It even does print server and web server and has remote management.

 

[toshiba3020]

Be careful. Some confusion can come up when you refer to a hardware nat device as a router, and then compare them to other devices.