On a LAN... needing a firewall...

Hello,

I recently got my home network up and running with all Linksys stuff. My question today is I would like to use ZoneAlarm Pro on one of the computers that is connected to the Internet using a Linksys USB card. If I do not install ZoneAlarm Pro on my other computers, will it affect me or them?

I've heard I don't need a software firewall if I have a router because the router acts as a firewall, but because of some features I like in ZoneAlarm Pro, I'd like to use the program. But again, I just would like to know if there would be any conflict with the other PCs on my wireless network.

Yes, I am on a LAN...

Thanks..

~ Tim

 

Hi Tim

There should be no conflict. If you are using file/printer sharing on the LAN you will need to add the subnet to the Trusted Zone.

Regards,

CrazyM

 

Hi CrazyM, ok... how do I find the subnet? Not sure what that is, sorry.

 

That will be the range of private IP's used on the LAN. This will be handled by router's configuration and DHCP server. You should be able to get the information from the router configuration pages or do an "ipconfig /all", without the quotes, at the command prompt on your pc to get your IP and subnet info. Linksys usually uses a default subnet of 192.168.1.0/255.255.255.0 (Zone Alarm by default should also add your private IP to the Trusted Zone). You will just need to add the subnet to permit file/printer sharing.

Regards,

CrazyM

 

Tim,

The best security strategy is one that is multi-layered, and running a software firewall behind a hardware firewall can go a long way toward getting the kind of security needed. If your AV scans incoming email - turn it off in ZA Pro to avoid duplication of effort and/or conflict. Make sure that the other PCs in your Lan also have the same protection software firewall-wise and AV.

The important thing is that your ports are stealthed, and the next most important thing is to have outbound connection notification - you get both with ZA Pro. Adding a process guard, port explorer and anti-trojan would round out the multi-layered strategy nicely for each PC on your Lan that accesses the Internet.

-- Tom

 

Hello CrazyM, I will contact Linksys with what you said. Maybe they can help as I see your offline right now..

Hi Tom, ok that is something I will look into doing..

Thanks both of you guys for your recent replies!! Anyone else who can lend some additional information would be appreciated.

Thanks again!!

~ Tim

 

What exactly is it you need a hand with?

Regards,

CrazyM

 

Hi CrazyM,

I appreciate you asking very much!! What my concern is... Zone Labs released their new version of ZoneAlarm and I like the features it has and so forth. I installed ZoneAlarm Pro (latest version) on one of my PCs. As I may of said (don't remember) I am on one of 5 computers who are on my LAN (home network). All of them are running windows firewall at the moment. I'd like to try and install ZoneAlarm Pro on just my computer which is not the one connected to the Cable modem directly but thru the USB card from Linksys like the other computers connect on my LAN.

The problem I have though is... I've contacted Linksys and they said there would be absolutely no conflicts. Even you and some others have said there shouldn't be but I wanted to make sure because I just got these computers running in very good condition ( had to reformat all of them for several reasons ). When I turned on my computer today, my little brothers computer said that it had Limited or no connectivity. Then it wouldn't even connect to the Internet. On my computer, I got a alert from ZoneAlarm Pro saying it blocked access from some computer on my own network. I knew right away it was my little brothers. The reason why though is... the cord somehow came unplugged from the USB card that he uses to connect to the Internet in his bedroom. I plugged it back in, and ZoneAlarm Pro did not report anything but it still had a problem connecting on his computer. I decided I'd uninstall the software from my computer which is the only one running ZoneAlarm Pro and it connected.

I would like to know if I have to install ZoneAlarm Pro on all the computers on my LAN and set each one in the Trusted or Internet Zone or what can I do if I don't have to do that but still be able to be the only one who uses ZoneAlarm Pro and the others Windows Firewall... I am thinking by having Windows Firewall enabled on the other computers, I should turn it off and see what happens. But even so... would installing ZoneAlarm Pro on all the computers on my LAN improve the result of keeping the internet connection "on" for all of us?

Thank you CrazyM, I appreciate it alot.

~ Tim

 

Letting just the hardware firewall in your router alone to protect all your PCs in your own LAN, and with no individual firewall protecting each PC, is not a good idea; unless the hardware firewall can look into all the internet access application programs of all the PCs in your LAN. Each application program and its components which access the internet must be authenticated for each PC to protect against trojan and virus. If one PC in your LAN is infected, your trusted LAN is in danger. All the so called protection of the hardware firewall guarding your LAN to the outside internet wont help. A hardware firewall should only be a small part of your security (in fact you can do without a hardware firewall), but not all the security.

 

Hello JCC1234, yes.. I figured as much its not a good idea which is why I want to know if I should install ZoneAlarm Pro on all my PCs.... I bought 5 licenses. Very expensive it was but I did....

 

ooops, you bouth it already. Well, I could have told you the Outpost_Pro has a family license (5 PCs) deal of 2 years for only $106 total . Well, too late, but ZA_pro is a good FW too.

 

You do not have to install ZA Pro on all the systems if you do not want to. On your system with ZA Pro just add the LAN subnet to the trusted zone and this will permit file/printer sharing (browsing my network places) if you need it.

No need to disable the Windows Firewall on the other systems. Under the Exceptions tab enable File and Printer Sharing (the scope will default to the LAN subnet) and as above this will permit file/printer sharing (browsing my network places).

This needs to be enabled on all computers if you wish to connect to each other.

Either firewall should not impact "keeping the internet connection on" unless they are misconfigured.

Regards,

CrazyM

 

Ohh.. Outpost huh? I've never heard of it. My son might of... he's been a Wilders member for quite some time. But because I've heard a lot of good about ZoneAlarm, I figured I'd make the purchase. I hope its good though.. is it really or not the greatest?

 

CrazyM, ok.. I will do that. If I do that, I should not encounter any problems with the Internet on the other PCs? Also... would it be wise to install ZoneAlarm on all the PCs? I mean.. would it hurt or protect me more or neither?

 

I was typing my response when you posted you had purchased 5 licenses. If you have them, might as well use them.

It should not hurt and will provide all systems with outbound application control if that is something you want.

Reagards,

CrazyM

 

CrazyM, I don't know why I didn't think of the name but yess thats exactly why I purchased ZA. Outbound filtering!

Well I thank you for your time and all of you here at Wilders. Very nice, and professional website for computer help. I will definetly write another message if I need help..

Thanks again all, and take care!

Tim