Hardware Firewall Vs Software Firewall

Connecting your network to the Internet without a firewall is like leaving the front door of your office wide open when you leave on vacation. Chances are high that someone will eventually walk in and steal your valuables.

A firewall is a barrier that is placed in between your computer and other computers that may be able to connect to your computer, via means such as the internet. Firewalls stop unauthorized users gaining access to your computer, which they may attempt to do in order to steal your data, install ‘malware’ or simply be ‘nosy’. They do this by blocking access to ‘ports’ on your computer and also by hiding your computer from the view of other internet users. They also keep a monitor on any network traffic that is passed to or from your computer.

Hardware firewalls are external devices that you plug your computer into before it is plugged into your modem. They have the advantage of being separate from your computer, should your computer pick up a virus which could potentially deactivate your firewall. They also avoid any performance impact from running on your computer. Should you be connected to the internet via a network of computers, or via a wireless connection, your ‘router’ may have a firewall included.

Hardware firewalls are important because they provide a strong degree of protection from most forms of attack coming from the outside world. Additionally, in most cases, they can be effective with little or no configuration, and they can protect every machine on a local network.

Software firewalls are installed on individual computers. They intercept each request by the network to connect to the computer and then determine whether the request is valid. Software firewalls can also be configured to check suspicious outgoing requests. When you first set up a software firewall, you can specify which applications are allowed to communicate over the Internet from that PC. Programs that aren’t explicitly allowed to do so are either blocked or else the user is prompted for confirmation before the traffic is allowed to pass. Therefore, it would likely intercept this kind of traffic before it left your computer.

Another potential scenario where a software firewall would be useful is in the case of an e-mail worm with its own e-mail sever, like the recent “SoBig” worm. Its built-in mail server could attempt to send mail on the valid Simple Mail Transfer Protocol (SMTP) port (25), which would probably pass through the router because of its trusted origin.