My Router Firewall Does All The Work

I have a Gateway 2701HG-B router that protects all 5 laptops in my home. I enabled the "Stealth" mode, and after doing that, I pass all of the tests on ShildsUP! for total invisibility. I also have all Windows 7 firewalls enabled and set to public, and the one XP firewall set to on, just in case one of my machines becomes infected behind the router.

So my question is, with the majority of users being behind some sort of a router based firewall, then why for these users would they want an overly complicated 3rd party firewall? I understand that a software firewall is a great idea to protect each computer from one another behind the router, but the Windows 7 firewall set to public is more then enough protection for this event.

I know a lot of you swear by whatever piece of 3rd party software you use, but it seems to me that if you fall in the category listed above, it is just a waste of disk space, as the router firewall will do all the work.

 

I have a router firewall. I also have Comodo's firewall. Do I really need it? Probably not but it takes up so little space/disk IO/ RAM there's basically no reason not to.

Having a 3rd party firewall that can track outgoing requests adds another layer of protection.

Security should always be layered. There's never a time where you should look at one aspect and say "eh good enough."

 

My router firewall lacks application control. This is the reason I use a 3rd party software firewall.

 

Simple, to have control of the outbound and not just the inbound (router) and to make use of simpler or more granular interfaces and functions (depending on the chosen firewall) than WIN7 firewall.

 

Can you setup your H/W firewall to allow svchost to connect to the Internet and "some suspicious program" not to?

 

Mainly outbound control and HIPS. Plus whatever other features it includes (mine has sandboxing, cloud analysis, protect ARP, etc).

 

All good replies and points. I guess I'm more like the average user, then the typical Wilders member, then I thought.

 

I see there is a trend here .
Disable the software firewalls and stay opened (to get owned) ,nothing will happen to you.
The router has it s weak points and all routers protect differently.

And opposed to your software firewall (that wastes disk space ?!) you practically don t really know what it s doing most of the time.

Also there is no outbound control in a SOHO router ,as most of them are opened for outbound.
This means that a trojan can own you PC quite nice and easy.

 

I sort of agree with you. I can pass the whole GRC thing with just my router firewall going.

Personally I keep the OS firewalls on. Doesn't make sense to me to turn them off when there's minimal overheads or conflicts.

I'm not so much interested in real-time AV protection but do feel naked without some kind of browser security and/or HIPS in place.

Yeah you're protected from inbound connection attempts but you're still exposed to malware nasties from the inside.

I'm an average user too, but when average browsing can be your biggest security threat you gotta have something in place.