[Wolves] Firewalls

David Goodwin dg at clocksoft.com
Wed Jul 20 11:17:55 BST 2005

Kevanf1 wrote:
> I am led to believe that a hardware firewall is better than a software
> one.  But, that it is better still to have both hardware and software
> running together.  Is that correct?  What is the difference between a
> hardware and software firewall?  Other than the obvious that a
> hardware one is a solid box.  It still has software running it.

I think your question should really be :

What's the benefit of having a stand alone firewall, as opposed to it 
being on a box that's used for other stuff as well?

In which case, I'd say something like :

- A dedicated machine is less likely to be comprimised (no users logged in)
- A dedicated machine could be an O/S which is more secure by default 
(e.g. OpenBSD)
- A dedicated machine is less efficient (i.e. wasted cpu cycles/electric 
- A dedicated machine can be locked down more (e.g. no remote logins, 
less software installed, fewer services running etc)


David Goodwin
w: http://www.clocksoft.co.uk
e: david.goodwin at clocksoft.com
t: 0121 313 3850

More information about the Wolves mailing list