There are two types of firewalls: hardware firewalls and software firewalls. Your router functions as a hardware firewall, while Windows includes a software firewall. There are other third-party firewalls yous can install, too.
In August 2003, if you connected an unpatched Windows XP system to the Cyberspace without a firewall, information technology could exist infected inside minutes past the Equalizer worm, which exploited vulnerabilities in network services that Windows XP exposed to the Cyberspace.
In addition to demonstrating the importance of installing security patches, this demonstrates the importance of using a firewall, which prevents incoming network traffic from reaching your computer. But if your estimator is behind a router, do you really need a software firewall installed?
How Routers Part as Hardware Firewalls
Home routers use network address translation (NAT) to share a single IP address from your Cyberspace service provide among the multiple computers in your household. When incoming traffic from the Cyberspace reaches your router, your router doesn’t know which computer to forrad it to, and then it discards the traffic. In effect, the NAT acts as a firewall that prevents incoming requests from reaching your computer. Depending on your router, y’all may besides be able to cake specific types of approachable traffic by irresolute your router’s settings.
You tin can have the router forwards some traffic by setting up port-forwarding or putting a computer in a DMZ (demilitarized zone), where all incoming traffic is forwarded to it. A DMZ, in effect, forwards all traffic to a specific computer – the computer volition no longer benefit from the router acting as a firewall.
Paradigm Credit: webhamster on Flickr
How Software Firewalls Work
A software firewall runs on your computer. Information technology acts as a gatekeeper, assuasive some traffic through and discarding incoming traffic. Windows itself includes a built-in software firewall, which was first enabled by default in Windows XP Service Pack ii (SP2). Considering software firewalls run on your computer, they can monitor which applications want to utilize the Internet and block and allow traffic on a per-awarding basis.
If you’re connecting your figurer directly to the Internet, it’due south important to employ a software firewall – y’all shouldn’t have to worry most this now that a firewall comes with Windows past default.
Hardware Firewall vs. Software Firewall
Hardware and software firewalls overlap in some of import ways:
- Both block unsolicited incoming traffic by default, protecting potentially vulnerable network services from the wild Internet.
- Both can block certain types of outgoing traffic. (Although this characteristic may non exist present on some routers.)
Advantages of a software firewall:
- A hardware firewall sits between your computer and the Internet, while a software firewall sits between your computer and the network. If other computers on your network become infected, the software firewall can protect your figurer from them.
- Software firewalls let you to easily control network admission on a per-awarding basis. In add-on to controlling incoming traffic, a software firewall tin prompt you lot when an application on your figurer wants to connect to the Internet and permit you to preclude the application from connecting to the network. This feature is like shooting fish in a barrel to apply with a third-party firewall, but yous tin also prevent applications from connecting to the Net with the Windows firewall.
Advantages of a hardware firewall:
- A hardware firewall sits apart from your computer – if your figurer becomes infected with a worm, that worm could disable your software firewall. However, that worm couldn’t disable your hardware firewall.
- Hardware firewalls can provide centralized network management. If you run a large network, you can hands configure the firewall’southward settings from a single device. This also prevents users from changing them on their computers.
Do You Need Both?
It’s of import to use at least one type of a firewall – a hardware firewall (such every bit a router) or a software firewall. Routers and software firewalls overlap in some means, but each provides unique benefits.
If you lot already have a router, leaving the Windows firewall enabled provides you with security benefits with no real performance cost. Therefore, it’southward a practiced thought to run both.
Y’all don’t necessarily have to install a tertiary-party software firewall that replaces the built-in Windows firewall – but y’all tin, if you want more features.