Hardware VS Software Firewalls

Discussion in 'other firewalls' started by medz, Dec 20, 2005.

Thread Status:
Not open for further replies.
  1. medz

    medz Registered Member

    Dec 18, 2005
    hi 2 all i am curious to know whether hardware firewalls are more secure in comparison to software firewalls.
    points to consider between each of them

    +Doesnt eat up ram
    +custom firewall rules filters and services
    +web filtering/blocking sites
    +opensource firmware such as linksys openwrt

    -Some firewall routers only block inbound
    -cant think of anymore maybe u can add some

    +block inbound and outbound
    +application control
    +spyware/trojan database
    +precise and more relevant information on each port/program and process

    -large footprint//high memory usage
    -once again if u can think of any more add them

    would it be worth using both hardware firewall in conjunction with software.
    if so is there any programs which block outbound traffic only
  2. Arup

    Arup Guest

    Don't forget, most hardware firewalls can't handle multiple connections if doing P2P or online gaming.
  3. blazr63

    blazr63 Lurker

    Oct 9, 2005
    Danvers, MA
    Software firewalls are also capable of IP filtering ex. Outpost especially with Blockpost plugin.
  4. Jazzie1

    Jazzie1 Registered Member

    Dec 5, 2003
    You can go one step further and have a very good hardened linux firewall, such as Smoothwall, ipcop or Astaro! That opens up the scope a bit! I will speak more about Astaro, because it is free for up to 10 users and doesn't require hardly any knowledge of Linux.




    all that is required is an old pc with 512 megs ram, 2 nics and you are set. I have run/configured just about every Unix/freebsb version I could get my hands on! And two stand out, Smoothwall and Astaro. I choose Astaro because of it's features and hourly updates... If you have a network and want to give it a shot, just unplug your router and stick the Astaro box (old pc) in front of your network and place the router behind the box as a switch... You will be impressed with the function/operation-

  5. Arup

    Arup Guest

    IP blocking can be done at firewall level for hardware routers as well.
  6. highv0ltage

    highv0ltage Registered Member

    Jan 6, 2006
    Hi, I checked out the Astaro website and it says it's only a 30-day trial. Did they change that or is it still free for 10 users after 30 days?
  7. aurgathor

    aurgathor Registered Member

    Jan 3, 2006
    Bothell, WA
    What's the definition of "most" and "multiple"? In any case, I use Freesco on a separate PC as a firewall/router and it can handle up to 16k connections. Enough for probably well over 99% of the users. It is not a particularly sophisticated firewall, (only inbound) but inbound protection is the most important part.

    The pros: no CPU usage on my server, very reliable in comparison to anything M$ wrote, I can switch servers in the fly by routing traffic to a different PC, makes banning IPs or IP ranges easy, very low cost (SW is free, HW can be a lowly 486 or Pentium), there is also quite a few programs (i.e. Samba) available for it, so it can do a few other things aside from the basics.

    Cons: a bit more electricity usage and noise

    One can use a good SW firewall such as Tiny in addition to a HW firewall for outbound ans more complex inbound filtering, but personally, I had too much problem with SW firewalls, so I'm not using any at this moment. (have Tiny 2005 and 5.5 installed on 2 computers, but both are disabled)
    Last edited: Jan 7, 2006
Thread Status:
Not open for further replies.