Do you need a personal firewall aswell as a router firewall?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Heard you shouldnt have two firewalls running at the same time.
I have a draytek wireless router with a built in firewall, but i also have
zone alarm free onmy laptop. do I need this second firewall?
 
Hi,

The rule is that you shouldn't have two software firewalls running on the
same installation, and that is to avoid conflicts. Using a router's firewall
in concert with your system's firewall is perfectly acceptable. Consider
this: If another machine behind the same router becomes infected, would you
want your machine exposed to it? The router firewall only protects the
machines behind it from outside influences, not from each other.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Associate Expert - WindowsXP Expert Zone

Windows help - www.rickrogers.org
 
Do not use more than one (1) software-based firewall
as conflicts and error messages may occur.

If you already have a non-Microsoft firewall on your computer, you should
continue to use it. If you do not have a firewall, then you have a choice.

If you want a simple firewall that is very easy to configure, then you should
use the Windows XP Internet Connection Firewall. If you want more advanced
control over the traffic that passes through your computer and you also want to
block outgoing traffic (that is the traffic from your computer out to the Internet)
then choose a personal firewall from another company.

Internet firewalls: Frequently asked questions
http://www.microsoft.com/athome/security/protect/firewall.mspx

Use the Internet Connection Firewall
http://www.microsoft.com/windowsxp/using/networking/learnmore/icf.mspx

--
Carey Frisch
Microsoft MVP
Windows - Shell/User
Microsoft Community Newsgroups
news://msnews.microsoft.com/

-------------------------------------------------------------------------------------------

:

| Heard you shouldnt have two firewalls running at the same time.
| I have a draytek wireless router with a built in firewall, but i also have
| zone alarm free onmy laptop. do I need this second firewall?
 
mck684 said:
Heard you shouldnt have two firewalls running at the same time.
I have a draytek wireless router with a built in firewall, but i also have
zone alarm free onmy laptop. do I need this second firewall?
Click to expand...


If you use a router with NAT, it's still a very good idea to use a
3rd party software firewall. Like WinXP's built-in firewall,
NAT-capable routers do nothing to protect the user from him/herself
(or any "curious," over-confident teenagers in the home). Again --
and I cannot emphasize this enough -- almost all spyware and many
Trojans and worms are downloaded and installed deliberately (albeit
unknowingly) by the user. So a software firewall, such as Sygate or
ZoneAlarm, that can detect and warn the user of unauthorized out-going
traffic is an important element of protecting one's privacy and
security. (Remember: Most antivirus applications do not even scan for
or protect you from adware/spyware, because, after all, you've
installed them yourself, so you must want them there, right?)

I use both a router with NAT and Sygate Personal Firewall, even
though I generally know better than to install scumware. When it
comes to computer security and protecting my privacy, I prefer the old
"belt and suspenders" approach. In the professional IT community,
this is also known as a "layered defense." Basically, it comes down
to never, ever "putting all of your eggs in one basket."


--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH
 
mck684 said:
Heard you shouldnt have two firewalls running at the same time.
Click to expand...


You shouldn't have two *software* firewalls running at the same time. What
you have is fine.

I have a draytek wireless router with a built in firewall, but i also
have zone alarm free onmy laptop. do I need this second firewall?
Click to expand...


"Need" is perhaps too strong a word, but I recommend that you keep it. Your
router protects you against inbound threats. ZA adds protection against
rogue programs trying to call home.
 
A router is hardware independent of the PC for operation. ZA runs on the PC
which is where the two or more firewall restriction is applicable.

Use of a NAT router will take some of the incoming load off of ZA, thus your
PC. Continue to use both.
 
mck684 said:
Heard you shouldnt have two firewalls running at the same time.
I have a draytek wireless router with a built in firewall, but i also have
zone alarm free onmy laptop. do I need this second firewall?
Click to expand...

This topic should be available on google due to the MANY number of times
it's been asked and replied too.

You have two areas to protect:

1) your network
2) your PC

Even in a single PC environment you have a Network, and that network
should be as isolated from the Internet as possible. A NAT appliance
(which does not mean it's a firewall) works by not routing inbound
traffic that you didn't request from your network. What this means is
that all the worms, viruses, compromised computers, people looking for
an exposed computer, can't reach your network by default. So, if you
have a NAT router without any INBOUND forwarding rules, nothing should
be able to make it INTO your network unless YOU REQUEST IT.

As for outbound, well, most of those non-Firewall NAT Appliances do
nothing about outbound, which means that anything that is on your PC
that wants OUT is free to get out. Some NAT routers, again still not
firewalls, allow you to block outbound traffic to specific destination
ports (like blocking outbound 135~139 and 445) which keeps your computer
from spreading a lot of chatter around the net.

The nice thing about a NAT appliances is that once you set it up, and
once you change the default subnet and password, it's very unlikely that
anything on your computer will compromise the setup of the NAT
appliance.

As for PERSONAL Firewall applications running on your computer - they
provide as much protection as you permit them to, and work as well as
you allow them to. Yea, doesn't really say much does it? Well, the
simple fact is that almost every PFW can be compromised in short order
by the user doing something stupid - and there are a lot of stupid users
out there. No PFW is perfect, but I trust the Windows XP SP2 firewall
least of all of them, ZAP is the one I trust the most, and ones like
Tiny are what I personally use on my laptops, but I don't recommend the
more technical ones to non-technical types. One of the nice things about
PFW is that they can detect changes in applications and they can tell
when an application MAY be doing something it should not be doing - but
that's something that malware can get around by tricking you again.

One of the best setups for a home users, someone not running any
publically exposed services, is the NAT Router with a real-time log
monitor. Like using a Linksys BEFSR41 with WallWatcher so that you can
see what's going in/out of your network in real time (and historical
logs too).
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Wireless Firewall or Router? 10
Firewall question 25
Firewalls and Wireless Routers 42
Router firewall impact? 8
Router firewall no protection? 1
Do I need two firewalls? 6
turned off, but still: windows firewall has blocked some features of this program 7
XP Firewall and Zone alarm 19

Back
Top