In-Reply-To: <20050507193118.1556.qmail@www.securityfocus.com>
Hello,
Hardware firewalls may mean several things.
Some hardware firewalls actually use hardware components dedicated to the
firewall functions (packet processing, switching,...), while others are
"applianced" software firewalls, i.e. a software firewall running on a hardened
OS (often Linux), in a pre-packaged hardware.
While it is not advisable to run a software firewall on an insecure platform,
the security of the platform is often increased, since many software firewalls
replace or harden the TPC/IP stack of the host OS, thus blocking the 'bad'
packets before they reach the host OS.
So, basically, the line between hardware and software firewalls in thin. In
terms of performance, harware firewalls are often better, while from a security
point of view, running your software firewall on a hardened OS may be an
acceptable choice.
I personally like CheckPoint's SecurePlatform, a pre-hardened firewall that can
be installed on the hardware platform of your choice.
I hope this helps.
Best Regards,
Skander Ben Mansour, CISA CISSP
---
http://www.benmansour.net/
Hello,
I was wondering how a software based firewall(mcafee, Norton etc) can help
protect your machine if the operating system(Windows XP) is vulnerable?
Also how is a software based firewall any better then hardware. The way I see
it if you have a software based firewall and the operating system has security
issues I doubt very much a software firewall will protect that machine.whereas
if it's a hardware based firewall and the operating system has vulnerabilities
the chances of it being attacked are slim since they would have to first find
some vulnerability with the hardware firewall then go after the operating
system(firewall default settings with all ports closed). Obviously if a port
is open and that application has a vulnerability then it would get attacked.
Please let me know if I'm on the right track here.
Thank you..
