Hardware Firewall?

Black Swan · 10-02-2010 11:53pm #1

If building a residential LAN, is it worth adding a hardware firewall between your LAN and the Internet as an additional layer of security?

Looking at the Alpha Shield hardware firewall, which would be installed between the modem and the router-switch. It uses RPA (Real-time Packet Authorization) to track outbound and inbound connections. Useful or waste of money? Costs $70 USD.

JimmyCrackCorn · 11-02-2010 11:41am

WTf is "Real-time Packet Authorization"

Does that mean a firewall rule?

Gavin · 11-02-2010 7:53pm

Waste of money.

FruitLover · 12-02-2010 1:22pm

Just build one using an old PC and something like Smoothwall / IPCop / PFSense.

Pedant's note: at 70 bucks, there's no way that's an actual hardware firewall (i.e. performing packet inspection using ASICs) :P

JimmyCrackCorn · 12-02-2010 1:40pm

If you want a slightly more sophistaced router/firewall on a budget. (for wireless you need a cm9 + antenna)

This would be my choice due to the low power requirement.

A nat router works as a very effective firewall on inbound connections due to how it works. On outbound its useless.

A firewall will not solve all your problems either you will need.

Up to date system
Windows update
(http://secunia.com/vulnerability_scanning/personal/)
Anti virus
Anti malware
A firewall on your pc
Not going to dodge sites
Not downloading and running crapware

Black Swan · 12-02-2010 8:26pm

FruitLover wrote: »

Pedant's note: at 70 bucks, there's no way that's an actual hardware firewall (i.e. performing packet inspection using ASICs) :P

This answers one of my questions.

JimmyCrackCorn wrote: »

A nat router works as a very effective firewall on inbound connections due to how it works. On outbound its useless.

Already have NAT installed on my router-switch.

JimmyCrackCorn wrote: »

A firewall will not solve all your problems either you will need.
Up to date system
Windows update
(http://secunia.com/vulnerability_scanning/personal/)

Anti virus

Anti malware

A firewall on your pc

I already auto update Windows 7, have KIS2010 (includes firewall) installed on all laptops within LAN, and have silly Windows Defender on all rigs too cause it came with Windows.

JimmyCrackCorn wrote: »

Not going to dodge sites

You're no fun at all...

JimmyCrackCorn wrote: »

Not downloading and running crapware

I already have a Windows OS...

I know that I cannot run 2 firewalls on a PC without problems, but I was just thinking about adding another layer of security with a hardware firewall between the Internet and my LAN.

JimmyCrackCorn wrote: »

WTf is "Real-time Packet Authorization"

Does that mean a firewall rule?

I know what "Real time" means, but uncertain what this means in conjunction with "Packet Authorization," which was given in the Alpha Shield specifications (without further description). I guess I will have to contact their tech support to find out if it is either:

A packet filter that doesn't analyze the data of the packet, rather decides whether to pass it based on the packet's addressing information;
Or... Stateful packet filtering where records are kept using a state table that tracks every communications channel.

FruitLover · 16-02-2010 5:24pm

Blue_Lagoon wrote: »

This answers one of my questions.

Don't get too hung up on 'hardware' vs 'software' firewalls. The majority of modern high-end firewalls (e.g. Cisco PIX, Juniper SSG, etc) are actually software firewalls (i.e. firewall processing is performed by the OS rather than dedicated processors). If anything, having your firewall processing done in software makes the firewall more versatile - new features can be added with a simple firmware update.

accensi0n · 18-02-2010 8:12am

You could get a cisco PIX 501 online for about €50. adverts.ie or ebay.

Hardware Firewall?

Comments