Hardware-based firewalls - Why they are different from software-based firewalls
Both software and hardware-based firewalls are devices that monitor a networks traffic and protects the network from hackers’ or spyware intrusions. But there the similarities end – a software firewall is a program and a hardware one is, just as its name suggests, a piece of hardware that works as an intermediary between a local network (or a single computer) and the rest of the Internet.
Protecting a single computer versus protecting part of a network
Hardware firewalls are generally used to protect the whole local network, not a single computer, and the software-based firewalls are used mainly to defend single computers. Of course nothing should stop you from using a software firewall with a single computer and a hardware one for the whole network, but the different firewalls’ capabilities make it a wise division. Hardware-based firewalls are much harder to break through, but they lack the software firewalls flexibility. They are perfect for stopping the intrusions, but helpless when it has already happened.
Access rules
Hardware firewalls can’t normally limit an applications’ access level – no application can be prohibited from Internet access. As the result, a hardware firewall can’t stop an installed spyware program from sending your personal information to its creator.
Outgoing traffic from the protected network
The real Achilles’ heel is the fact that most hardware-based firewalls check only incoming traffic and treat all data packets that come from the network as legitimate. If a software firewall can at least stop your data from leaking when you’ve been infected with some spyware worm, a hardware firewall will usually let it go.
Configuration
But hardware firewalls have also a few strong points. The first one is easy configuration – most hardware-based firewalls require little or no configuring in order to work properly. Software-based firewalls usually need a lot of tinkering in their configuration options to make them work the way you like them to work.
Upgrading and computer’s performance
Most hardware firewalls do not need constant upgrading. Once they are installed, they work just by themselves. What’s more, hardware-based firewalls do not slow your PC down the way software firewalls do. They use neither your computer’s memory nor the processor.
Disabling
While many spyware programs or viruses are capable of turning off a software-based firewalls the moment the scumware installs on your PC, it is virtually impossible to disable a hardware firewall without physically unplugging it.
Hardware-based firewalls are almost completely safe from attacks and because of that they are more reliable, especially compared to the lower quality software firewalls (unfortunately an XP built-in firewall is one of these “lower quality firewalls”).
To sum it up, a hardware-based firewall is a very useful device either for inexperienced users or as an additional protection for local networks. However, it can’t supersede a software-based firewall as it lacks many important functions (like defining the access rules for applications). If you’re a network administrator, using a hardware-based firewall is a very good idea, but if you are an end user, you should install a firewall program instead of a hardware device.
