Is there any point to having a software firewall with this router? I don't use one on any of the home computers as I'm presuming this does an ample job.
Or am I wrong?
Is there any point to having a software firewall with this router? I don't use one on any of the home computers as I'm presuming this does an ample job.
Or am I wrong?
I'm running one of the older draytek 2600 series and have never run a software firewall. No problems so far
I guess the some of the reasons to have one would be to protect your PC from other machines on your LAN or if you wanted to block outgoing connections from software on your machine. Or if you were just being thorough![]()
If you are running NAT on the router, and you are NOT forwarding any inbound ports, then a software firewall is probably unecessary. However some of the software firewalls (zone alarm for example) will block outgoing ports from your computer (or at least alert you if a connection attempt is made). This is a defence against malware (specifically trojans) that you might accidentally but legitimately import into your machine. They then might attempt to open an outbound connection that would pass through the NAT process on the router. A good virus scanner will (you hope) detect such malware in an e mail or dodgy web page before it has a chance to activate itself. Don't forget that some applications will requiire outbound ports (from the computer) to be open - 80 for web browsing, 25 and 110 for sending and receiving e mail, for example - but they will pass through the NAT process transparently.
A software firewall on a machine will protect that machine from other computers on the lan, but one hopes that all the machines on the lan are trusted. In a corporate environment ypou might want to protect some machines, but there are better and more subtle ways of doing that.
In summary, a software firwall is perhaps useful as a backstop, but only if it has the capability of scanning outbound connections.
If you are forwarding inbound ports through the router (for example to a public faving webserver), then you are in a different ballgame, and you need to look at the security of the webserver, but if you are doing that, then you should have the knowledge to protect the machine appropriately.
(\__/)
(='.'=)
(")_(")
![]()
Been helped or just 'Like' a post? Use the Thanks button!
My broadband speed - 750 Meganibbles/minute
Any other views?
There are currently 1 users browsing this thread. (0 members and 1 guests)