is your PC more secure with 2 hardware firewalls or 1 is fine

hi i have a question. i have a real nice firewalll 300.00 cysco for my home, has all sorts of bells and whistles ect aplication annomaly detection ect. i also run FW and AV software.

but i was wondering if i put a second router/firewall in (my old netgear web safe) wich is a very minor firewall would that make my PC and network even more secure? or would it not help.

reason i ask is because i read somewhere of someone using 2 hardware firewalls.

also i was wondering does a loopback adress mean your network could be compromised? i cant find the 127.0.0.0 adress since im using a new software firewall, but i know iv seen it in the past in the firewall section as an trusted adress.

 

If anything, your network would be slightly slower, by about 1ms or so. I don't see any extra benefit from the 2nd hardware firewall at all.

So unless you have another reason (other than wanting another firewall) I suggest you stay with 1 router.

 

ok, yea my firewall is great i can't complain rvs series corprate but honestly i get paranoid on the net at times lol. just wondered if there was any merit to running 2 hardware firewalls. i know the second firewall i have is a cheapo. but im not to much of an networking exper to know the answer

 

Well the answer is no, it wouldn't add any extra protection, everything is already protected. It would most likely cause more problems than anything else.

 

No. Loopback interface is a virtual adapter and referrs to your own computer. Anything sent to this address is immediately received on it as well, meaning that no hardware adapters are used in the process.

Regarding your inital question on 2 h/w firewalls, I fully agree with elapsed. Of course, you would benefit from Cisco if Netgear is in front, but why would you want to do such a thing is beyond me.

 

BlueCoat hardware as most administered as do all hardware firewall on the higher end. Business end should use two hardware firewalls on domain. Home users have routers with NAT, SPI, Intrusion Dection an etc. Then you can run software firewall on your clients boxes on workgroup or small business domain.

 

Chaining the routers out of one network to one modem will not add or increase security, the networks security is only as strong as the weakest link. However, using one modem, and,
installing an second router to create another segregated network to deliberately isolate the networks, will definitely increase security between the two internal networks.
One might want to utilize isolated networks to segregate the adults computers from the children's computers, or business computers from home computers.
Computers behind firewall router one can not see computers behind firewall router two and visa versa, the topology can be found here:
https://www.wilderssecurity.com/showpost.php?p=1521487&postcount=5

If only one printer is available, print traffic can be configured within the routers to rout the print traffic to the destination IP.



HKEY1952

 

Better than using two hw firewalls would be to use behind your pc an hw firewall and a linux based pc as server.

 

For a standard home network, one hardware firewall is plenty. When a network includes a server that can be accessed from the web and a private LAN, a 2nd hardware firewall can be used to isolate the two, but that's beyond the needs of an average home network. For a home network, the most you would need is one hardware firewall out front and a software firewall on each of the PCs. You'll get different opinions as to whether the software firewall would even be necessary.

 

ok thanks guys

 

Even in business networks it's more common/desired to still use just 1 hardware firewall/UTM appliance. They're robust enough to "orange zone" or VLAN servers exposed to the public side, so they're separated from the main office LAN.

Double NAT from multiple firewalls/routers isn't desired in biz networks either.

 

hello

is that what you mean

http://www.grc.com/nat/nat.htm

 

strange i also wonder and wanted to know if one firewall is comprised for ex let say in that case if the netgear firewall is in front and some how some one know through tools like nmap......etc and some he manage to break the 1st firewall what happen then

1. will it also by default bypass through cisco firewall as well
2. will it stop on cisco firewall mode.....

i mean a attack


please comment

 

looks o me like in that example that you would put the cheaper older router on the outside as an external router? not sure if that makes any since to me though because evwen though id want my pc more protected then my fiances who is nto computer savy when it comes to security and websites not to go to. like .ws .de ect

so even though i want high security i want her to have security by the much better firewall i have to wich would mean puting it on te outside. and the older one in?>

 

Its a good way of isolating part of your network, (I've mentioned here before about isolating mine/my kids machines) and perimeter subnets.