[dba-Tech] Software Firewalls

John W. Colby jwcolby at colbyconsulting.com
Tue Dec 7 19:23:45 CST 2004


What kinds of issues?

John W. Colby
www.ColbyConsulting.com 

Contribute your unused CPU cycles to a good cause:
http://folding.stanford.edu/

-----Original Message-----
From: dba-tech-bounces at databaseadvisors.com
[mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Haslett, Andrew
Sent: Tuesday, December 07, 2004 7:57 PM
To: Discussion of Hardware and Software issues
Subject: RE: [dba-Tech] Software Firewalls


Be careful with the D-Link.  There's been reported issues with the latest
firmware...
 
Also, not sure if we just got a bad batch, but its started to get a bad rep
over here lately (Australia).  The Oz site is often slow to be updated etc.

   _____  

From: John W. Colby [mailto:jwcolby at colbyconsulting.com]
Sent: Wed 8/12/2004 9:20 AM
To: 'Discussion of Hardware and Software issues'
Subject: RE: [dba-Tech] Software Firewalls



A review for that one. 

http://reviews-zdnet.com.com/Netgear_WGT624_108Mbps_wireless_firewall_router
<http://reviews-zdnet.com.com/Netgear_WGT624_108Mbps_wireless_firewall_route
r>  
/4505-3319_16-30551639.html 

I bought this one... 

http://reviews.cnet.com/D_Link_DI_624_AirPlus_Xtreme_G_router/4505-3319_7-20
<http://reviews.cnet.com/D_Link_DI_624_AirPlus_Xtreme_G_router/4505-3319_7-2
0>  
817312-2.html?tag=glance 

John W. Colby 
www.ColbyConsulting.com 

Contribute your unused CPU cycles to a good cause: 
http://folding.stanford.edu/ <http://folding.stanford.edu/>  

-----Original Message----- 
From: dba-tech-bounces at databaseadvisors.com 
[mailto:dba-tech-bounces at databaseadvisors.com
<mailto:dba-tech-bounces at databaseadvisors.com> ] On Behalf Of Francisco
Tapia 
Sent: Tuesday, December 07, 2004 5:23 PM 
To: Discussion of Hardware and Software issues 
Subject: Re: [dba-Tech] Software Firewalls 


speaking of software/hardware firewalls, I was out looking at this one... 
WGT624 Netgear Router + Firewall (NAT+SPI) protection :) 



On Tue, 7 Dec 2004 13:32:22 -0600, John Bartow <john at winhaven.net> wrote: 
> I agree with you on principal but that too depends of the situation.
> 
> 
> 
> -----Original Message-----
> From: dba-tech-bounces at databaseadvisors.com 
> [mailto:dba-tech-bounces at databaseadvisors.com
<mailto:dba-tech-bounces at databaseadvisors.com> ]On Behalf Of Drew Wutka 
> Sent: Tuesday, December 07, 2004 12:15 PM
> To: Discussion of Hardware and Software issues 
> Subject: RE: [dba-Tech] Software Firewalls 
> 
> Of course, a proxy removes that issue too.  A hardware firewall, with
> the proxy allowing internet access, boom, done.  Faster firewall, and 
> faster internet connection (across a network). 
> 
> Drew
> 
> -----Original Message-----
> From: dba-tech-bounces at databaseadvisors.com 
> [mailto:dba-tech-bounces at databaseadvisors.com
<mailto:dba-tech-bounces at databaseadvisors.com> ]On Behalf Of John Bartow 
> Sent: Tuesday, December 07, 2004 12:08 PM
> To: Discussion of Hardware and Software issues 
> Subject: RE: [dba-Tech] Software Firewalls 
> 
> John,
> Of course the one thing the hardware firewall can never do is protect 
> from malicious programs inside the firewall which a cheap piece of 
> software on each computer will do. This may not be an issue for most 
> one PC developers but once you put together a network and/or support 
> clients with networks this does become an issue. You can avoid using 
> software firewalls by using internal checkpoint type devices that act 
> as firewalls between networks segments but I can't say if that is less 
> expensive or better than having a basic software firewall component on 
> each computer. Probably really depends on each individual situation. 
> 
> John B.
> 
> -----Original Message-----
> From: dba-tech-bounces at databaseadvisors.com 
> [mailto:dba-tech-bounces at databaseadvisors.com
<mailto:dba-tech-bounces at databaseadvisors.com> ]On Behalf Of John W. 
> Colby
> Sent: Tuesday, December 07, 2004 11:13 AM 
> To: 'Discussion of Hardware and Software issues' 
> Subject: RE: [dba-Tech] Software Firewalls 
> 
> In fact a hardware firewall usually does everything that a software
> firewall does, plus more.  It is unusual for example for software 
> firewalls to do stateful packet inspection.  Doing so is extremely 
> processor intensive.  A good hardware firewall has a co-processor out 
> in the router that does that stuff and offloads the workstation from 
> doing that.  IF you have a good hardware firewall, and the cheaper 
> routers are NOT firewalls or are very limited firewalls, then you 
> truly do not need a software firewall.  I know of nothing that a 
> software firewall does that a good hardware firewall cannot be made to 
> do. 
> 
> Furthermore, the hardware firewall can be made to do it for ALL
> workstations at one fell swoop, vs. having to write rules and get them 
> applied to each and every workstation's software firewall. 
> 
> I am NOT recommending that everyone out there get rid of their
> zonealarm.  I am saying however that if you spend the bucks on a good 
> router with a good hardware firewall built into it, and you set it up 
> correctly, then you can safely get rid of Zonealarm (or whatever you 
> use). 
> 
> John W. Colby
> www.ColbyConsulting.com 
> 
> Contribute your unused CPU cycles to a good cause:
> http://folding.stanford.edu/ <http://folding.stanford.edu/>  
> 
> _______________________________________________
> dba-Tech mailing list 
> dba-Tech at databaseadvisors.com 
> http://databaseadvisors.com/mailman/listinfo/dba-tech
<http://databaseadvisors.com/mailman/listinfo/dba-tech>  
> Website: http://www.databaseadvisors.com 
> <http://www.databaseadvisors.com>

> 
> _______________________________________________
> dba-Tech mailing list 
> dba-Tech at databaseadvisors.com 
> http://databaseadvisors.com/mailman/listinfo/dba-tech
<http://databaseadvisors.com/mailman/listinfo/dba-tech>  
> Website: http://www.databaseadvisors.com 
> <http://www.databaseadvisors.com>

> 
> _______________________________________________
> dba-Tech mailing list 
> dba-Tech at databaseadvisors.com 
> http://databaseadvisors.com/mailman/listinfo/dba-tech
<http://databaseadvisors.com/mailman/listinfo/dba-tech>  
> Website: http://www.databaseadvisors.com 
> <http://www.databaseadvisors.com>

> 


-- 
-Francisco 
http://pcthis.blogspot.com <http://pcthis.blogspot.com>  | PC news with out
the jargon! 
_______________________________________________ 
dba-Tech mailing list 
dba-Tech at databaseadvisors.com 
http://databaseadvisors.com/mailman/listinfo/dba-tech
<http://databaseadvisors.com/mailman/listinfo/dba-tech>  
Website: http://www.databaseadvisors.com <http://www.databaseadvisors.com>  



_______________________________________________ 
dba-Tech mailing list 
dba-Tech at databaseadvisors.com 
http://databaseadvisors.com/mailman/listinfo/dba-tech
<http://databaseadvisors.com/mailman/listinfo/dba-tech>  
Website: http://www.databaseadvisors.com <http://www.databaseadvisors.com>  


IMPORTANT - PLEASE READ ******************** 
This email and any files transmitted with it are confidential and may 
contain information protected by law from disclosure. 
If you have received this message in error, please notify the sender 
immediately and delete this email from your system. 
No warranty is given that this email or files, if attached to this 
email, are free from computer viruses or other defects. They 
are provided on the basis the user assumes all responsibility for 
loss, damage or consequence resulting directly or indirectly from 
their use, whether caused by the negligence of the sender or not.





More information about the dba-Tech mailing list