Firewall on network?

[Robertm]

I had to uninstall my personal firewalls to get the network to run. The man
who setup the network said this is ok because the router has a double
firewall which is 1000 times more difficult to hack than a software
firewall. Is this the best protection or should some sort of software
firewall be installed and if so, what type? I had Norton on one computer and
Zone Labs on the other and they prevented the needed communication. Did I
simply have the wrong version and I need a network version?

Bob

 

[Jack \(MVP\)]

Hi

DA man is wrong. Router’s NAT Firewall are providing only partial protection.

This page might explains the Issue: http://www.ezlan.net/firewall.html

Software Firewall can be set correctly to allow Network Traffic.

May be this can Help. - http://www.ezlan.net/faq#trusted

Jack (MVP-Networking).

 

[Chuck]

I had to uninstall my personal firewalls to get the network to run. The man
who setup the network said this is ok because the router has a double
firewall which is 1000 times more difficult to hack than a software
firewall. Is this the best protection or should some sort of software
firewall be installed and if so, what type? I had Norton on one computer and
Zone Labs on the other and they prevented the needed communication. Did I
simply have the wrong version and I need a network version?

Bob

Bob,

Not knowing what router the man who setup the network put into place, I can only
guess. Unfortunately, a router (NAT or otherwise) only provides perimeter
protection. These days, you need individual protection too, ie Layered
Security. This article explains it best.
<http://nitecruzr.blogspot.com/2005/05/please-protect-yourself-layer-your.html>

If you can't get Norton or ZoneAlarm to work, try using Windows Firewall. But
use something, please.

 

[Richard G. Harper]

The correct answer is, "It depends on your router". Mine has both NAT
(Network Address Translation) and an SPI (Stateful Packet Inspection)
firewall that blocks unwanted traffic. If yours has the same then you are
almost assuredly well-protected by the router alone. If not then you need
to assess your software firewall needs.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

 

[Robertm]

The correct answer is, "It depends on your router". Mine has both NAT
(Network Address Translation) and an SPI (Stateful Packet Inspection)
firewall that blocks unwanted traffic. If yours has the same then you are
almost assuredly well-protected by the router alone. If not then you need
to assess your software firewall needs.

Mine is a Netgear RP614 with both NAT and SPI.

Bob

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

I had to uninstall my personal firewalls to get the network to run. The
man who setup the network said this is ok because the router has a double
firewall which is 1000 times more difficult to hack than a software
firewall. Is this the best protection or should some sort of software
firewall be installed and if so, what type? I had Norton on one computer
and Zone Labs on the other and they prevented the needed communication.
Did I simply have the wrong version and I need a network version?

Bob

 

[Richard G. Harper]

Then I'd say that you're probably well-enough protected as long as you keep
the firewall settings "tight" - make sure no holes have been opened in the
router, turn off loose rulesets like "game" settings (yours may call it
something different but this feature allows programs to open their own ports
in the router) and so on ...

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

The correct answer is, "It depends on your router". Mine has both NAT
(Network Address Translation) and an SPI (Stateful Packet Inspection)
firewall that blocks unwanted traffic. If yours has the same then you
are almost assuredly well-protected by the router alone. If not then you
need to assess your software firewall needs.

Mine is a Netgear RP614 with both NAT and SPI.

Bob

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

I had to uninstall my personal firewalls to get the network to run. The
man who setup the network said this is ok because the router has a double
firewall which is 1000 times more difficult to hack than a software
firewall. Is this the best protection or should some sort of software
firewall be installed and if so, what type? I had Norton on one computer
and Zone Labs on the other and they prevented the needed communication.
Did I simply have the wrong version and I need a network version?

Bob