View Full Version : Hardware or software Firewall

07-04-2007, 08:02 AM
I wonder if any experts could tell me this

If a person has a Hardware firewall, (such as in a router) is it still necessary or desirable to still run a software firewall like Zonealarm of Comodo

07-04-2007, 08:08 AM
I do.

At the very least it can warn you if dodgy software is trying to get out to the internet.

07-04-2007, 01:57 PM
simply put, there is no hardware firewall that can stop nasty programs on your pc gaining access to the net.

10-04-2007, 07:36 AM
Hardware firewalls cannot be aware of which processes are involved in sending any given messages. Software firewalls are extremely effective when used to limit processes running as unprivileged users and work most of the time against worms, which would have to be made more complicated to evade them, even running as an administrator.

Hardware firewalls = limited knowledge, high security
Software firewalls = greater knowledge, lower security

Note that here security refers to how well it resists active attempts to bypass filters, not how it affects overall system security, which is environment-dependent. Personally I'm not a fan of process-based firewalls as they have a massive attack surface for people trying to get around them and are not that much more effective than packet filtering but it all depends on your circumstances.