Battle Hardware firewall vs Software firewall

[Elephant]

Hi,

After 6 years of using NIS I've unistalled it (license over), and started to look for other options. I want light setup, so I installed Webroot Antivirus. My problem is, I don't know how to setup firewall. I have a modem/router from my internet provider and in that modem settings I found firewall. There are 4 options: off, low, med and high, and also Web Features with options: Filter Proxy, Filter Cookie, Port Scan Detection, IP Flood detection, and more. So my question is: should I setup this, hardware firewall, or should I switch everything off and use software Windows Firewall? Or maybe both? Webroot also has firewall in options... Please advice me, what is better to protect my PC? My priority is to not slow down internet connection, and have low ping, as I like to play online fps games.

 

[Ink]

I don't think it's a battle of which one to use, as both are required. Your router with Firewall enabled is your first line of defense against the WWW. It helps to keep your home network of devices, protected from outside threats.Think of it as tall castle walls.

A software firewall can control the Inbound / Outbound traffic flow / connections.

I don't have the relevant knowledge required to explain in detail, so I will it to the rest.

In the meantime, you can post your Security Config in the Security Configuration Wizard forum. For more information, check out the Stickied threads.

 

[aztony]

It’s important to use at least one type of a firewall – a hardware firewall (such as a router) or a software firewall. Routers and software firewalls overlap in some ways, but each provides unique benefits. If you already have a router, leaving the Windows firewall enabled, or other 3rd party firewall, provides you with security benefits with no real performance cost. Therefore, it’s a good idea to run both.

 

[Deleted member 178]

Both are necessary.

As Huracan said, Hardware firewall are mostly made for filtering inbound connections but you have no control over outbound connections , it is where software firewall are needed. "slowing down" hackers attempts to penetrate your network is good but if you have malwares on your system that connect to the same hacker, the hardware firewall will be useless, only the software one will save you.

you have plenty of free firewall, all is about your knowledge of setting up a firewall.

 

[Elephant]

Thank you very much for your replies - I'll try to configure both firewalls properly. I will also post my config in Security Configuration Wizard section.

 

[comfortablynumb15]

Or just run appropriate security programs to prevent infection, and you won't have to concern yourself with bad outgoing connections. Now, preventing legitimate programs calling home as a privacy concern is another subject entirely.

 

[Martin_C]

As all others has said - you need them both.

To safeguard your perimeter, simply turn on the firewall in your router and set it to Medium.
The medium setting on firewall in router will block all unsolicited inbound connections, while allowing outbound.

This means that any connection you did not ask for will be kept out.

Next, your PC or PCs.
That is also quite easy to set up.
For maximum protection, make sure Windows Firewall are activated.
Default settings are already secure.

Private profile are set to block all inbound, except if a program are on the list of allowed programs.
Public profile are set to block all inbound except programs on the list of allowed programs, but will block services you do not want accessible when on networks away from home.

If you are worried on a public WiFi, then you can set Windows Firewalls Public profile to block all inbound INCLUDING programs on the list of allowed programs. (this is just one checkmark you have to set and press ok.)

With these settings, you will be protected from the Private Profile on your home network, and still being able to communicate with devices on your home network.
And with the Public Profile, you will be protected when you are away from home with a laptop, since it will block all inbound.

It doesn't get any better, safer or easier then this.
Windows Firewall in Win7, Win8/8.1 and Win10 will do a perfect job.

You will on tech-forums and tech-sites from time to time read that you should install third-party firewalls to do outbound blocking.
Do NOT listen to any such statements.
No host based firewall in the world will add any security with outbound blocking.
Host based firewalls are designed to block unsafe inbound connections and regulate friendly outbound connections, both of which are easily done with Windows own firewall.

The concept of that outbound blocking should increase security by somehow magically enclose an infection and keep it trapped, is a fantasy that only exist in the mind of a select group of home users and certain tech-"journalists".
You will never hear any IT professionals suggest this.
The moment malware has executed locally, and especially if it has gained admin rights, then it WILL communicate out if programmed correct.
Trying to keep an infection from abusing legit means of connecting out, is bound to fail.

Outbound blocking only works on friendly programs, which is exactly what you see in those tests that floats on tech-sites. A nice little test program (usually called "keylogger-test" just to scare you) will attempt to call out on its own and gets magically blocked.
If it had been the real thing it would just had abused one of the countless ways out that needs to be possible and allowed in a OS.

So forget outbound blocking and instead make sure you run a well established AV/AE solution, so nothing malicious executes locally - this safeguards actions initiated by user.

And use inbound blocking in router and Windows Firewall, to keep unsolicited access blocked - this safeguards actions from outside.

 

[jamescv7]

Complexity came within both types of firewall but as we engage more from online and especially software which connected in the internet then likely focus on Software Firewall.

But hardware firewall should be properly monitor which depends on area of concern, remember when you are on a home/private network then risks are low as possible,

 

[LabZero]

Hello @Elephant

Actually I would not speak of competition but more than collaboration.

Nothing in fact prohibits to use a hardware and software firewall, for example that integrated on ADSL modem and one installed on your PC. The hardware firewall, in fact, usually block the attempts of aggression, but they don't do much against those outgoing ; many software firewalls, however, oversee hostile attempts also outgoing.

A hardware firewall and one on the PC are a good couple even in the case of a local computers network .The first protects the perimeter, so to speak, while the second prevents a possible infection of a computer can spread to others.

The main drawback of a double mixed firewall is that if something is not working in Internet communication, it is more difficult to determine the cause, because you have to find out which of the two the firewall is blocking (for example by disabling your firewall software and watching if this fixes the problem). In the case of a local area network, can also give rise to difficulties in file and printer sharing if the firewall software is not set up properly to allow it.