Do I need to use a software firewall even though my router acts like a hardware firewall?
Thanks.
Thanks.
Recommended to disable Windows Firewall if behind router?
- Thread starter malG
- Start date
Yes, and even better get Zone Alarm Pro, or at least the free version. Windows firewall is a minimal firewall - in the sense if you are wearing boxers you are not naked - it does not prevent your infected pc from generating outward activity.
At least initially, it would be wise to disable the Windows firewall(XP sp2) so that you can make sure you have all of your functionality. After you know everything is still working correctly, then re-enabling the Firewall and configuring properly will add an additional level of security. 
I'm also a fan of Zone Alarm Pro to alert me of programs making calls OUT to the internet, not just those attempts to come in.
I'm also a fan of Zone Alarm Pro to alert me of programs making calls OUT to the internet, not just those attempts to come in.
Use it only if you know how to use it. I've seen people block themselves off the net using software firewalls or printer sharing probs. Don't let that deter you from using it, just be aware it's there and may cause problems.
Do you NEED it? NO. NAT behind a router is enough security for me. You have to gauge yourself/knowledge and highly consider using one if you have "computer illiterate" users sharing your pc.
Do you NEED it? NO. NAT behind a router is enough security for me. You have to gauge yourself/knowledge and highly consider using one if you have "computer illiterate" users sharing your pc.
A current thought pattern in computer security is "defense in depth." Basically, DiD means that you have layers of security, so that if one layer is penetrated, another layer is in place to prevent a compromise that otherwise could occur in the absence of the first layer.
Under Defense in Depth, you should use the Windows Firewall even if you're behind a hardware NAT device. If the hardware NAT device is configured correctly and working correctly, the software firewall won't bring additional benefits. But it's there as an additional layer of protection just in case.
(I've seen numerous cases of people accidentally putting their computers in the router's DMZ. In this case the Windows Firewall would absolutely provide value. The main defense is against Stupid User Tricks.)
Under Defense in Depth, you should use the Windows Firewall even if you're behind a hardware NAT device. If the hardware NAT device is configured correctly and working correctly, the software firewall won't bring additional benefits. But it's there as an additional layer of protection just in case.
(I've seen numerous cases of people accidentally putting their computers in the router's DMZ. In this case the Windows Firewall would absolutely provide value. The main defense is against Stupid User Tricks.)
- Oct 25, 1999
- 29,553
- 430
- 126
Actually you should have a Router and a 3rd party comprehensive Software Firewall.
Link to: Basic Protection for Broadband Internet Installation.
However, "Secure enough" is a relative term. It depends on your surfing habits and on the whole scheme of software that is installed on your computer. Many software packages these have the nasty habit of Calling Home.
Link to: Freeware Security suit for Internet Connection Protection.
:sun:
Link to: Basic Protection for Broadband Internet Installation.
However, "Secure enough" is a relative term. It depends on your surfing habits and on the whole scheme of software that is installed on your computer. Many software packages these have the nasty habit of Calling Home.
Link to: Freeware Security suit for Internet Connection Protection.
:sun:
I'm accessing my PC from an XP limited user account which further limits from viruses and other malicious software. I know it's not foolproof but AFAIK nothing is. The general consensus here is to use software firewall but why do router manufacturers recommend disabling them?
"Often two firewalls on the same LAN conflict. Both are trying to do the same job; the conflict may cause an otherwise good Internet connection to drop." - Netgear http://kbserver.netgear.com/kb_web_files/n101177.asp
"Often two firewalls on the same LAN conflict. Both are trying to do the same job; the conflict may cause an otherwise good Internet connection to drop." - Netgear http://kbserver.netgear.com/kb_web_files/n101177.asp
- Oct 25, 1999
- 29,553
- 430
- 126
I hope that you read the link in my post above.
The Router's Firewall cannot Conflict with Software Firewall.
1. It is Not executed on the OS and Hard Drive, like the software Firewall.
2. It is Not really a Firewall at all, it is a By-product to the NAT, and it protects you only from external Hacking.
:sun:
P.S. When software Firewall is used by the Network's computers it is important to put the Network computer?s in the trusted Zone other wise the LAN does not share resources.
Many End users do not know this and they assume that since the computers are connected to the Router the Router is the blocking device.
Netgear's remarks are probably made with the intention to reduce Calls for Support concerning Firewall.
In matter of fact I use Netgear Routers with Norton Firewall in some of my installations and there is No conflicts what so ever.
The Router's Firewall cannot Conflict with Software Firewall.
1. It is Not executed on the OS and Hard Drive, like the software Firewall.
2. It is Not really a Firewall at all, it is a By-product to the NAT, and it protects you only from external Hacking.
:sun:
P.S. When software Firewall is used by the Network's computers it is important to put the Network computer?s in the trusted Zone other wise the LAN does not share resources.
Many End users do not know this and they assume that since the computers are connected to the Router the Router is the blocking device.
Netgear's remarks are probably made with the intention to reduce Calls for Support concerning Firewall.
In matter of fact I use Netgear Routers with Norton Firewall in some of my installations and there is No conflicts what so ever.
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes + WCL Discussion Threads
- Started by Tigerick
- Replies: 23K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
-
-
Facebook
Twitter