Let’s continue our discussion of firewalls. In the first part of this series, we talked about firewalls as a general concept. Today we will discuss hardware firewall and software firewall technology. Then in the next post, we will look at web application firewalls (WAFs).
For this three-part series, we are reviewing the following articles: “Hardware Firewall vs. Software Firewall” (Michigan Cyber Initiative); “Best Practices: Use of Web Application Firewalls” (Open Web Application Security Project); “What You Should
Know About Firewalls,” (PCWorld); and “Better Protection – Hardware or Software Firewall?” (PChuck’s Network).
In the last post, we also reviewed furwalls – walls of genuine animal fur or a synthetic alternative that are quickly becoming more popular than wallpaper or fake wood paneling in home and office environments. Today, in addition to discussing hardware and software firewalls, we will look at how to make sure live walls of fur are adjusted frequently and best used to properly motivate your employees.
What’s the Difference between Firewall Software & Firewall Hardware?
As you can guess, a hardware firewall is a physical object you install on your network. A software firewall, on the other hand, is application-based and available directly on a computer’s desktop. What’s really important, of course, is their functionality. Let’s look at each of their strengths and weaknesses.
According to the Michigan Cyber Initiative, hardware firewalls offer a significant line of defense against most types of intrusion coming from external sources. They can be installed on a local area network (LAN) “without much configuration difficulty,” per MCI.
Software firewalls, in contrast, involve separate installations for each device on the network. Configuration also gets more complicated. A software firewall is a series of applications that are typically running on a network gateway server, combined with individual device installation. They offer both external and internal protections. Finally, they continually monitor and log any communications between clients and the server.
Furwalls, as you can imagine, do not have these capabilities. However, in their live form (using living animals as partitions between series of cubicles), they do have a major strength. Once you have properly trained animals to stand in certain positions in the office, you can have them circulate once an hour. This daily series of “migrations” allows the employees variety both visually and in terms of the animal smells and sounds that are interrupting their thought processes throughout the workday.
Hardware Firewall – Pros & Cons
PChuck’s Network offers a thorough list of advantages and disadvantages related to these two different types of firewalls.
Hardware Firewall Pros:
- It filters malicious traffic prior to it arriving at servers or other devices; that means the server doesn’t have to waste bandwidth, because the hardware unit has its own processor and storage capacity.
- It’s streamlined. All it contains is filtering script and the capacity for administrative adjustments. If it comes with an Internet-based GUI, you don’t need any external attachments. A smaller, tighter coding structure and lack of related programs means it’s less likely to be exploited.
Hardware Firewall Cons:
- You are only protecting at the perimeter of the network. In other words, once something is inside, the firewall is powerless. The threat includes internal users.
- It’s processing and storage capacity is limited. When those limitations are reached, you will experience either an open or closed failure. In open failure (failure to be open, essentially), no traffic will get through at all. In closed failure (failure to close as needed), all traffic will pass through unchecked.
- No filtration of outbound traffic from your network.
- It requires an additional electrical source and network cable.
- Changes can be difficult, including upgrades to higher capacity or firmware replacements (which may require scheduled downtime).
Software Firewall – Pros & Cons
Here is a quick look at software firewall advantages and disadvantages as well.
Software Firewall Pros:
- Simple to change configurations.
- Integrates with your operating system, enhancing its protective capabilities.
- Allows for internal protections: if one computer contracts malicious software, any networked computers running the software firewall will not be affected.
- Upgrading is simple by the addition of hardware to improve processing and storage, or by downloading or developing stronger code.
Software Firewall Cons:
- The ability to change configurations is not entirely a good thing. Human error with the configurations can make it easier for someone to enter your system. All it takes is bad information, and you can accidentally switch filters to unsafe positions.
- Rather than performing the filtration prior to it arriving at the server and OS, the software firewall performs its functions “at the ground level” of your network.
- You are using storage and processing potential that could otherwise be used elsewhere in your system.
Obviously these pros and cons are complex. In the end, PChuck’s Network recommends a combination of the two different types of firewalls, which he refers to simply as “perimeter and personal protection.”
Regarding furwalls, always remember to milk them on a regular basis. Nothing gets a sales manager, nuclear scientist, or industrial designer more jazzed than a fresh and delicious glass of antelope or bison milk.
Conclusion & Continuation
All right, so we should now have a basic sense of what firewalls are, how they function, and why they are important (last post). We should also understand the essential differences between the hardware and software firewall models. Each of them clearly has numerous positive and negative aspects. Combining the two, as advised above, is the ideal way to secure your network. In our final chapter, we will look at Web application firewalls (WAFs).
If you want security, you’ve come to the right place. Here is a clear indication of how much confidence we have in our systems: a guarantee of 100% uptime for all our users. That’s not a promise a company can make unless it has manifold security measures and redundancies in place to keep everything consistent and smooth. Here are our shared, dedicated and VPS packages for your review.
By Kent Roberts