[AccessD] New Comodo Firewall

Jim Dettman jimdettman at verizon.net
Sat Nov 24 11:38:52 CST 2007 

Arthur,

<<I don't want anybody in the outside world to get in (without permission),
but within
my tiny world, everything is permitted. So what would a software firewall
bring to the party that I don't already have?>> 

  Even though both are called "firewalls", the approach and what they do are
different, but there is some overlap.

  Hardware Firewalls started off with simply NAT (Network Address
Translation).  NAT "hides" your internal network from the outside world.  As
time went on hardware Firewalls gained capabilities, such as keyword
checking, URL filtering, Time restrictions, etc, but their primary focus is
handling TCP/IP communications and enabling/disabling that.  The problem is,
they typically don't check what's going on inside the communication itself
(look inside the packets).

  Software firewalls started off in the other direction; more concerned with
content.  They typically have anti-virus, spam tools, content checking, etc
built in.  And they as well have gained features over time, such as checking
ports and allowing / disallowing communications at a basic level.

  So the line has blurred quite a bit, but you still typically use a pair
because a hardware firewall is better at handling basic communications (it's
faster) and a software firewall to check content, such as preventing
personal information (ie. a phone number or credit card) from being
transmitted out.  You can buy a hardware firewall that has a lot of the
features a software firewall has, but they are expensive and the
configuration your doing is at a network wide level.  If you stick with
strictly software, then you have a performance issue.

  By splitting the difference, you get the best of both worlds.

Jim.


-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Arthur Fuller
Sent: Saturday, November 24, 2007 11:27 AM
To: Access Developers discussion and problem solving
Subject: Re: [AccessD] New Comodo Firewall

I'm about to reveal my colossal ignorance (just in case it was not already
evident), but my question is this: given a router that already has a
firewall in it (such as LinkSys or DLink), what is gained by  adding a
software firewall to the mix? Since I live alone, but have 2 desktops, one
notebook and one server, I want traffic between everything my house to be
open and free. I'm only concerned about externalities, as it were. I don't
want anybody in the outside world to get in (without permission), but within
my tiny world, everything is permitted. So what would a software firewall
bring to the party that I don't already have?

TIA,
Arthur
-- 
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com

More information about the AccessD mailing list