Router Firewall vs. Software Firewall
Firewalls are devices placed in between your computer and the Internet to help prevent unauthorized access to your computer. When accessing the Internet, your computer requests data "packets." A firewall filters out packets that you have not requested, and can be set to make you essentially invisible to people who are sending you packets that your computer has not asked for. There are two types of firewalls: software-based and hardware-based.
Other People Are Reading
-
Hardware Firewall Basics
-
A hardware-based firewall is usually incorporated into a hardware router, which sits in between your computer and a high-speed modem (such as DSL, cable or fiber). A router allows you to connect multiple computers on your local network to one Internet connection (so it is commonly referred to as an "access point"). This router can be wireless or wired. For the most part, a hardware-based firewall acts passively. You do not need to manually adjust its settings, and it is enabled automatically whenever the router is on.
Software Firewall Basics
-
A software-based firewall is an application that you install in your operating system and can filter out whatever unauthorized packets may have gotten by the hardware firewall. (OS X and most versions of Linux come with a software firewall. See Resource section below for details on setting up your software firewall in OS X.) Unlike a hardware firewall, a software firewall can also filter outbound connections.
-
Software Firewall Behavior
-
Every time an application attempts to make a connection to the Internet, the software firewall will notify you and ask for instructions. You can grant permission for that single instance, or you can tell the firewall to ignore that application from that point forward. If you change your mind, an application can be removed from the approved list later. Since a hardware firewall only filters inbound connections, it is not unusual to see people using both a hardware and software firewall.
Software Firewall Mobility
-
A software firewall is also useful for mobile devices. When you connect to the Internet at a Wi-Fi access point in a coffee shop on your laptop, for example, it is prudent to have that local defense layer on your computer, since you cannot be assured of the quality of the coffee shop's packet filtering or network security. An improperly configured Internet router may give other users of that network access to your computer. Also, router manufacturers periodically provide updates to their routers that fix some security gaps. A router that has not been updated may be exploitable.
Shopping Options
-
The basic functionality and quality of a router's firewall does not change substantially from one manufacturer to another; the popular choices such as D-Link, Linksys and Netgear are all mostly interchangeable in this area. However, the popular software firewalls, such as ZoneAlarm and Outpost, have divergent user behavior, with Outpost traditionally being more configurable. Many security "suite" packages, such as those from Norton, McAfee and Kaspersky, include a software firewall.
-
