Pin Me

Best Firewall: Software or Hardware?

written by: Daniel Brecht•edited by: Bill Bunter•updated: 11/7/2011

Computers connected to the Internet can be attacked by a hacker in an average of minutes. Therefore, some defense measures, such as a software and/or hardware firewall can be used to provide security. Here's a discussion on the use and benefits of both firewall types. You decide what is best to use.

  • slide 1 of 3

    Software Firewalls

    For home users, the most popular choice is a software firewall. The big advantage of using a software firewall over a hardware one is the ability to either allow or block generated traffic to enter a computer network.

    Other reasons to use software firewalls include, but are are not limited to, the following...

    • Most software firewall will only provide protection against malicious data coming from external network. A few ones are available that also prevent PC from using unauthorized data on external network.
    • Software firewall allows us to assign a port (say 25) to particular software, e.g. Microsoft Outlook. Any attempt by another application to use the same port would be ignored or blocked pending user confirmation.
    • Many software firewalls have user defined controls for setting up safe file and printer sharing and also to block unsafe applications from executing on your system.
    • With software firewall, it is also possible to configure different settings for different Windows users.
    • Software firewall has the ability to protect only the system it is installed on. To protect a group of computers, separate firewall installation is required.This can get expensive and can be difficult to manage if you have a lot of computers
    • Software firewall is most often the best solution to provide protection against Trojan programs or e-mail worms.
    • Software firewall once installed, runs in the system background, at all times, hence, consuming system's resources. Therefore, you must check the system requirements e.g RAM, HDD, CPU before buying it.
    • By using software, it is possible to monitor the traffic dataflow coming into and out of the network. It helps administrators to streamline network efficiency.
    • Software firewall comes with ability to automatically update itself when internet connection is established.
    • Some software products come with integrated firewall, usually by firewall vendor itself. This method makes the software even better protection.

    Note: There are many good software firewalls: including free ones, such as ZoneAlarm, which I strongly recommend. Among the open source firewalls, OpenBSD is a complete security solution, which provides all security one might expect from firewall. It is often matched with Cisco's hardware firewall - PIX.

  • slide 2 of 3

    Hardware Firewalls

    Firewall Protection (by jscreationzs) Hardware firewalls have a lot of characteristics, features and advantages over software firewalls, such as:

    • They can be purchased as a stand-alone product and these now come also integrated in broadband routers.
    • Most hardware firewalls comes with a minimum of four network ports to connect other computers, but business networking firewalls are also available for larger networks.
    • A hardware-based firewall is easier to maintain, setup and use than installing, configuring and managing a software firewall program.
    • Like any software, hardware firewall must also be learnt to be able to enable and configure it and to ensure the firewall is doing a good job of protecting your network.
    • Hardware firewall provides a strong degree of protection from most forms of attack coming from the outside world and they can protect every machine on a local network.
    • A hardware firewall has the ability of notifying you before filtering out outgoing traffic but it will now allow the user to respond to the notification to either allow or disallow the traffic.
    • Another advantage of hardware firewall is that it can serve as a T1 firewall router or as a gateway server.
    • There are many 3rd party test software available, which can be used to check efficiency of the hardware firewall. Firewall testing is important and ensures that the system is configured for maximum protection.
  • slide 3 of 3

    Conclusion

    Both type of firewalls are able to protect computers from most intruders breaking in to a network. However, software and hardware firewalls differ from each other as pointed out in the two section of the article. One noticeable difference between the types of firewalls is, "a small business firewall software program [must be] installed on each individual PC it's meant to protect while hardware-based firewalls protect all the computers on your network." [1]

    These days, routers come with built-in firewalls; thus, giving hardware firewalls the importance over software firewalls. However, the importance of running a software firewall program has allowed users to know a lot more about the network traffic that is blocked and potentially a threat to computers and the data it holds. Therefore, it’s worth noting that both type of firewalls are easy-to-use security solutions designed to block and manage unauthorized access to computers.

    When it comes down to which type of firewall is best, I'd say with any broadband connection, especially in an office evironment, a hardware firewall should be considered a bare minimum, and supplementing it with a software firewall on one or more computers is almost always a good idea.

References