[Wolves] Firewalls
David Goodwin
dg at clocksoft.com
Wed Jul 20 11:17:55 BST 2005
Kevanf1 wrote:
> I am led to believe that a hardware firewall is better than a software
> one. But, that it is better still to have both hardware and software
> running together. Is that correct? What is the difference between a
> hardware and software firewall? Other than the obvious that a
> hardware one is a solid box. It still has software running it.
I think your question should really be :
What's the benefit of having a stand alone firewall, as opposed to it
being on a box that's used for other stuff as well?
In which case, I'd say something like :
- A dedicated machine is less likely to be comprimised (no users logged in)
- A dedicated machine could be an O/S which is more secure by default
(e.g. OpenBSD)
- A dedicated machine is less efficient (i.e. wasted cpu cycles/electric
bill/space)
- A dedicated machine can be locked down more (e.g. no remote logins,
less software installed, fewer services running etc)
david.
--
David Goodwin
w: http://www.clocksoft.co.uk
e: david.goodwin at clocksoft.com
t: 0121 313 3850
More information about the Wolves
mailing list