Well, as long as its working, then thats all you need to worry about? I guess...
Hmm... now I'm a bit confused... :confused: I think I need sleep. :D
Printable View
Well, as long as its working, then thats all you need to worry about? I guess...
Hmm... now I'm a bit confused... :confused: I think I need sleep. :D
Ok here's my house.
I have a surfboard cable modem set up to NAT. Next I have a Siemens Internet gateway router that has basic fire walling and NATs the IP range again. So I am double NATing (only because the thing worked like that right out of the box) and the gateway router connects all my internal PCs and issues IP addresses. It does the internet connection sharing so I don't have to have that enabled on the PCs. It saves on NIC cards and offers an additional layer outside of Windows. On each PC I have Zone Alarm clients and updated McAfee E-mail and On Access Scanners.
If you are going to invest in an additional software firewall product for a box that is already running Zone Alarm, I would consider taking that money and buying a decent internet gateway router outside of windows instead. The one I mention was only 20 bucks on sale. I didn't give out model names but a visit to best buy or office max will deliver several examples.
Oh almost forgot, I have a Linux box running IP chains too but I am always turning it on and off playing with it and reloading it all the time. That’s a significant extra expense because you need a PC with 2 NICs and all your are running on it is a basic set of programs. I've had some success with text only installations of older red hat versions on a simple P100 with 32 Megs of ram. You can get one of those for free from people or junk yards if your local yard has a section for PCs.
I never felt really confortable running multiple software firewalls on one PC. Perhaps, I'm ignorant about them and too paranoid. I was worried that software firewalls (ones that create rules for applications, like Norton Internet Security) would create a rule the, for examples sake, ZA was running and to allow all connections for this program. Then if ZA allowed something through, NIS would assume its safe because it gave ZA all access. Am I making sense? Is this true at all? I'm just using NIS and ZA as examples because they are the only ones I can think of now that I have used in the past. I dunno.
I run my net (now just 2 computers at home) through a router with NAT. Um, the Windoze box runs NIS 2003, and my box runs SuSE 8.2 Pro with iptables. Then again, I once ran NIS 2003, ZA, and Sygate all on my box (running Windoze ME then) behind the router as well, and it seemed to work OK. (little slow though :P)
Again, I'm likely just ignorant, I don't know a whole lot about firewall design. If I didn't make any sense, plz tell me! :)
Dave
The only thing running those 2 firewalls together will do is eat up your RAM. Two software firewalls running on the same system is not going to offer any more protection than just runing the one.
I suggest ZA, I have used it in the past and it served me well. As for blackice defender, I really don't have any positive things to say about it, except that it's MANY vulnerabilities have been well documented and exploited in the past.