If you configure your router to also control the outbound access...

Would this conflict with running a software firewall, in other words running 2 firewalls at the same.
If so then this would eliminate the need for a sw firewall, correct?
This would be done on a single computer with no other computers connecting through the router.

 

I didn't know we could set up a hardware firewall to control outbound.
How would this be done?
Hugger

 

I don't think a router can know the difference between firefox.exe connecting to port 80 and trojan.exe connecting to port 80

 

Assuming that your routers firewall can control outbound traffic, there should be no conflict with a software firewall. Conflicts are possible when 2 firewalls are installed on the same operating system.

It doesn't matter if a firewall is on a router or installed on the PC. It's still software. The term "hardware firewall" is somewhat misleading. It would be better described as a software firewall that's installed on a separate piece of hardware. The router has its own operating system on which the firewall is installed. The difference is that it's a minimal system designed for one purpose, running the firewall and networking software. That makes a router much less vulnerable to being exploited than the operating system of the PC. This does not mean that they don't have vulnerabilities. Just not as many.

Firewalls that are installed on the PC itself, commonly referred to as software firewalls are able to distinguish the traffic to and from individual apps on the same operating system because they're effectively part of that operating system. A separate firewall cannot give you that level of control. That control does come at a price. Since a "software firewall" is installed on the same operating system as the user applications, it's more vulnerable to being attacked or exploited because it is affected by the vulnerabilities of the operating system it's installed on and those of the applications on that system. The software firewall itself is usually not what's vulnerable.

The amount of control you want over the traffic to and from individual apps will decide if you need a software firewall. Some HIPS have modules that can allow or block traffic for individual apps, but that's the extent of the control they give. A good software firewall will allow you to control what IP addresses each app can connect to. You can specify what protocols and ports each app is allowed to use. You can control the inbound and outbound traffic separately for each application. The firewall on the router will not be able to control traffic in either direction for individual applications. Whatever it blocks or allows will apply to everything on the PC.
Rick

 

Thanks for that explanation herbalist

 

Does anybody know a (popular) router offering outbound protection ?
A guy on usenet is pretending, every router he had, had outbound protection.
As outbound protection should be coupled with application survey, I really do not undersand how an efficient outbound protection can be realised in a router. Maybe only brutal port disabling ?

 

Correct