Hardware/Software Firewall?

Discussion in 'Windows Desktop Systems' started by Capricorn, Oct 28, 2003.

  1. Capricorn

    Capricorn OSNN Senior Addict

    What is the difference between a Hardware Firewall and a Software Firewall? Surely the Hardware Firewall will need Software to keep it updated.
  2. NetRyder

    NetRyder Tech Junkie Folding Team

    New York City
    A hardware firewall usually refers to a NAT router. The router obtains an IP from the ISP which connects it to the outside world. The router also assigns internal IP addresses to every computer on the internal network. Now the way it works is that any incoming packets from the WAN/Internet side are not forwarded to any of the computers on the network unless you explicitly specify that you want packets directed to a certain port to be forwarded to a certain computer. This is, in short, how the router acts like a firewall. As you can see, it doesn't use any software firewall to accomplish it's task.

    Most, if not all, personal/SOHO hardware firewalls, however, only screen out incoming packets, but not outbound traffic. This is where software firewalls come in. Lets say your computer was infected by a trojan, and your antivirus software was unable to detect it. The trojan attempts to send out stolen passwords to a server on the internet. A hardware firewall will not stop any outbound packets from passing through, so the trojan will be able to send it's data. A software firewall, on the other hand, will detect the presence of a program trying to access the outbound connection, and will intercept the packet, asking you if you want to allow it to pass through. If you choose the deny button, the outbound packet is bounced back and not allowed to pass through.

    Because of this, it's generally recommended that you use some kind of software firewall along with a hardware firewall to ensure maximum security, and to prevent unauthorized applications from sending out data to the internet.

    Hope that explained it. :)
  3. Enyo

    Enyo Moderator

    NAT is not a firewall technology (however is often used in-conjunction with a firewall device). NAT routers are not firewalls as such.

    Hardware firewalls can filter both inbound and outbound traffic, can filter based on source and destination (both IP and port), can filter packets based on the data they contain and based on there type.

    The main difference between a hardware device and a software device is that a hardware firewall is a dedicated physical solution that provides these functions.

    Hardware firewalls can be small SOHO devices or large corporate level devices such as the Cisio PIX, MS ISA or Checkpoint.

    Back to NAT for one moment.

    NAT does provide a degree of protection but it is totally wrong to call it a firewall, its not IMO.

    The primary purpose of NAT is to provide internet connectivity for multiple users using a single connection due to the way it operates in certain implementations NAT gives the added bonus of not allowing unsolicited data in, that is anything your computer did not request.

    NAT however will forward any and all data back to your computer but wont. send you anything you did not ask for. This gives you a clear view that it is not a firewall, it does not care what it sends you, a firewall does.

    For more info see here and here
  4. Capricorn

    Capricorn OSNN Senior Addict

    Thanks for the interesting replies.