August 6th, 2004, 10:14 AM
Using more than one firewall
I have a general question about firewalls. In most cases, is it alright to use more than one firewall? Can they interfere with each other, and cause security risks? Is it recommended to use only one firewall, or is it case-specific?
I am using Sygate and ZoneAlarm on Windows 98SE, but I have been told that this is not ok. On my Linux system, I am using the firewall that came with RedHat.
August 6th, 2004, 10:24 AM
I see no point to using more than one firwall because the first one will block the incoming connection before it even gets to the second firewall ... if you have one firewall installed and have it configure _properly_ then using 2 is pointless
August 6th, 2004, 10:29 AM
Using several software firewalls on the same machine is asking for trouble. They may interfere with each other, and prevent each other from updating properly etc.
Using a software firewall combined with either a hardware firewall or a dedicated firewall device on generic hardware, is fine.
As far as I'm aware, Linux firewalls either just use iptables to implement the filtering, or in the case of expensive commercial solutions, bypass the kernel's IP stack entirely and implement their own. Either way, you won't want to put multiple ones on, they will just wrestle for control of the kernel's iptables.
August 6th, 2004, 10:33 AM
Thank you slarty, this is what I wanted to know.
August 6th, 2004, 10:58 AM
Just to point out that there is a school of thought that once you have a properly configuerd hardware firewall a software firewall is surplus to requirements and a waste of system reasorces. The greater the number of services running on a machine the less secure the machine becomes.
What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry
August 6th, 2004, 12:00 PM
I think that good idea is to read Sygate forum:
Can Sygate Firewall coexist with other firewalls?
SygateŽ Personal Firewall STD
SygateŽ Personal Firewall Pro
All supported operating systems.
No, SygateŽ Personal Firewall STD and SygateŽ Personal Firewall Pro will not function while another firewall are running. In order to properly run SPF you will need to uninstall any other software firewalls prior to installing SPF
Firewall, ICF, ZoneAlarm, Norton, BlackICE, Agnitum Outpost,
I am an atheist, thank God.