Software firewall behind a ADSL modem/router ?

Mem

Lifer
Apr 23, 2000
21,476
13
81
I`m sharing my brothers Netgear DG814(ADSL Modem/Router) via NIC ,do I really need a software firewall on my PC,I`ve ZoneAlarm Pro 4 installed at the moment or is it really pointless because of the router?
 

dmcowen674

No Lifer
Oct 13, 1999
54,889
47
91
www.alienbabeltech.com
Originally posted by: Mem
I`m sharing my brother`s Netgear DG814(ADSL Modem/Router) via NIC ,do I really need a software firewall on my PC,I`ve ZoneAlarm Pro 4 installed at the moment or is it really pointless because of the router?

Won't hurt to have both Hardware & software Firewall. Actually the Firewall that is perceived to be a hardware Firewall in the DSL Modem/Router is actually a software Firewall as well. I am running both a Hardware DSL Modem/Router/Firewall in addition to Zone Alarm running.


 

Mem

Lifer
Apr 23, 2000
21,476
13
81
In sum: The Hardware Firewall provided by most Cable/DSL Routers, is an excellent tool. However, it mainly secures the Incoming traffic, it does not stop information from going out.

To secure the Outgoing traffic you need to add a good Software Firewall.

Thus, many Cable/DSL Router owners use the combination of Hardware + Software Firewall

Thanks JackMDS, that does answer my question.I`ll stick with ZoneAlarm Pro 4 since it`s has been 100% solid and I like the interface.

:)
 

mboy

Diamond Member
Jul 29, 2001
3,309
0
0
It isnt a bad idea to run the software on top of using a router ( A SOHO router is a NAT box, but even with SPI it isn't truly a firewall (not a REAL good one anyway). NAT does have inbound firewalling properties, but it is NOT a firewall.

There is also a HUGE difference between running a software firewall on top of an OS ike ZA< Norton etc, and a dedicated hardwall firewall appliance ( a real one like a Netscreen, Sonicwall, Cisco PIX etc or even a software firewall imbeeded into the os like IPtables/chains, smoothwall etc.

ZA or another software firewall running on top of your OS can be shut down with a batch script from a trojan, virus etc. Try that with an embedded firewall on a hardened BSD box, or as part of the software running on a true,dedicated firewall appliance.