BleepingComputer.com: Hardware firewall

I've heard that hardware firewalls are a nice way of keeping all the nasties out of your system and make for a rather robust secure environment.

I want to do some research and would like some advice on where to start.

I already have a wireless router from my ISP and would like to know where in the scheme of things a hardware firewall would fit in. Are they difficult to configure? I know they range in price from modest to . . well, not so modest. Any advice for a home solution would be welcomed.

Thanks in advance for any advice on this topic.

ADF

few things to look at:

1) is it a home environment?
if so then a broadband router has a built in firewall. they are not very configurable but the do give decent content filtering.

2)does your current equipment from your isp assign you a NAT or internal address such as 192.168.x.x or 10.0.x.x?
if so you probably have a firewall already on that, check with your isp for configuration.

3)what are you trying to block?
Programs and downloads or just content and websites. please post a little more detail on this subject.

meuchel,

1) Thanks for reminding me. I forgot that my ISP router probably already has a firewall on it. I will check when I get home.

2) And yes, it does have an internal address such as 192.168.x.x

3) I'm mostly concerned about content and websites. I already have software that is supposed to be able to scan files (Norton). I also have Spybot.

Despit the protection I was running, my computer got a virus on it last week. After getting it cleaned up, someone mentioned hardware firewalls.

I currently run Windows Firewall but from what I'm learning, it's not the greatest solution.

So, if my router already has a firewall on it, then what I really need to do is look a little more closely at the software solution . . . perhaps change my software or augment what I already have.

ADF.

yes

that and content filtering on your existing firewall/router

content filtering allows you to block sites by keyword such as porn, sex ...yadayada
you are getting a route-able address so most of the ports should be blocked by default
to avoid getting a virus i would look at locking down your software to not allow execution from your temp/temporary internet files folder.

ADVANCED MANIPULATION:
you can also block download execution through gpedit.msc Computer Configuration>Windows Settings>Security Settings>Software Restrictions>Additional Rules
Create a new path rule to disallow execution from the temporary files directories.
Then you would only be able to install files by downloading them to your Desktop or other Personal folder.

hmmm . . .never thought of that. kind of makes sense though once you think about it. thanks so much for your help meuchel. much appreciate the tips.

t.

FWIW: Many of us find a software firewall, combined with a router...to be as efficient as anything required. The router employs NAT which isn't really a firewall...but it is an added layer of protection.

http://computer.howstuffworks.com/nat.htm

http://www.michigan.gov/cybersecurity/0,16...08698--,00.html

Louis

thanks Louis.

that's useful information ... rather thorough too.

adf

Easily done .

Louis