-
August 26th, 2006, 03:58 PM
#1
Member
Thoughts on Software Firewalls
Just what the topic says, what are your thoughts on software firewalls. I've read some articles saying that they are useless and don't really protect you that much, and others say that it is necessary.
I don't know much about the XP SP2 firewall, is it any good?
Thanks!
-
August 26th, 2006, 05:07 PM
#2
.... I would rather have one than not have one............
-
August 26th, 2006, 05:58 PM
#3
Good Day,
The Firewall is definitely not the cure-all for our security woes. It is one element thereof, albeit an important one. Even then if it is not properly configured, employed, updated, etc., its contribution would obviously be limited.
Select a firewall based on your particular need(s) and by generation or type not name.
Descriptions of Some Firewall Technologies:
Originally posted here by catch
In order of generation/order developed:
1.Packet Filtering : A basic ACL firewall operating at the Network or Transport level.
2.Application Level : These are typically proxying firewalls and run in level seven of the OSI model. Circuit Level firewalls are a variation on the application level that maintains a virtual circuit between the client and the firewall server
3.Stateful Inspection : These operate at the network level and analyze traffic at all OSI levels. By using a state table and operating at a lower level than the application firewalls this firewall is able to offer better performance, a more complete scan of the packets and tracking of "connectionless" protocols like UDP and RCP based applications.
4.Dynamic Packet Filtering : a dynamic firewall that enables real time rule changes, mostly used to provide UDP support. It remembers all UDP traffic for a short time and makes judgments (based on rules of course) on what to and not to allow.
5.Kernel Proxy : a modular, kernel based, multi-layer firewall that runs in the NT executive and utilizes dynamic and custom TCP/IP based stacks to inspect traffic and enforce applicable security policies.
Additionally you have new firewalls like Sidewinder G2 which uses multi-level labeling and strong typing to go along with its filtering.
Also you have "application firewalls" this is different to "application level" firewalls. These "firewalls" do not filter network traffic and are more technically referred to as "sandboxes" though they do offer improved functionality over traditional sandboxes via advanced input and output filtering.
...
***Note: Some firewalls combine several technologies to accomplish their goal.
I don't know much about the XP SP2 firewall, is it any good?
If you understand its limitations, as indicated in the thread below.
Is Windows Firewall any good at all?
cheers
Connection refused, try again later.
-
August 26th, 2006, 08:22 PM
#4
To go onto the internet without a firewall is suicidal these days, you will likely be owned within 20 minutes or less.
When I get a machine for cleaning I always send it back with a software firewall installed. I put it on first so I can connect to the internet and get patches, fixes and updates, without getting owned.
If it is your own machine then you decide if the cost/space of a hardware firewall is justified.
Another consideration is if you are inside a corporate/institutional firewall and you suspect someone of playing silly buggers....................
-
August 26th, 2006, 10:10 PM
#5
Member
This is for my home LAN. I have a hardware firewall up, but I also have ZoneAlarm running on my windows laptop.
-
August 26th, 2006, 11:21 PM
#6
Well, a software firewall would be pretty much standard for a laptop, given that it is a portable device.
-
August 26th, 2006, 11:43 PM
#7
Member
In large corporate enviorments, do the majority of workstations use software firewalls also, or they only rely on the hardware firewalls?
Say you were designing a companys network security architecture, would you implement software firewalls?
I know there is not a "One solution for all," just asking in general.
-
August 26th, 2006, 11:49 PM
#8
In large corporate environments they tend to use HIDS ( host intrusion detection systems) such as Cisco Systems CSA product on PC's and laptops.
-
August 27th, 2006, 01:33 AM
#9
in the systems I play in
they tend to rely on the system HARDWARE F/W's
and workstations are fairly bare TBH
so now I'm in my SIXTIES FFS
WTAF, how did that happen, so no more alterations to the sig, it will remain as is now
Beware of Geeks bearing GIF's
come and waste the day :P at The Taz Zone
-
August 27th, 2006, 03:24 AM
#10
In large corporate enviorments, do the majority of workstations use software firewalls also, or they only rely on the hardware firewalls?
Hardware generally. I'm in the middle of a 250 PC deployment right now in a small hospital (300 employees). Got orders to disable the desktops' Windows FW. The laptops are getting Norton's Internet Security. FWIW.
“Everybody is ignorant, only on different subjects.” — Will Rogers
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|