Hardware or software firewall?


New member
Would you use a dedicated box/rack mounted firewall or would you just rely on a software firewall to protect your servers?

Is there much difference between the two? For example in reliability in keeping intruders out of your network?
I’d recommend both, especially if your servers are likely to be ddos/dos attacked and susceptible to other similar threats as hardware firewalls come into their own with this kind of threat. As a rule of thumb think of them as a front line defence as more often than not without reconfiguration they do little more than scan, route and drop packets.

Software firewalls are very similar but protect individual machines and are necessary if your sever utilises FTP to help ensure and also remove any threats that may have slipped past. Though many data centred already utilise network level (hardware) firewalls.

A more indepth but by no means a complete 101 could be http://www.windowsnetworking.com/articles_tutorials/Choosing_a_Firewall.html
Software firewall is mandatory to keep your average lookyloo's at bay, however they're already on the machine and can drive up the CPU and usage, not to mention the dDOS with just TCP requests.

With the hardware firewall you can stop the intrusion before it ever reaches your machine. Null route their connection and you no longer have to think about them (on the machine level). It's then into the DataCenter's hands to find the inflow of traffic and cut that off. You at that point are no longer contributing to the problem.

As stated, all datacenters have some form of hardware firewall - some go two or three levels deep before getting to your machine. Some of the depth that you will want to go to will depend on how exposed you are as a site on the web.
You know the type Steve - those Port Scanners, the dictionary login attempts, the mail bomb... A generic software firewall can handle all of that, but so many people don't even run that!

Hardware and software is ideal, but hosts skimp out on some of the extra protection claiming it's a customers responsibility. Kinda sad.
You get a windows firewall Free with every windows OS, it is for protecting your PC, While connected in the network, you should also use the hardware Firewall to get more secured.:)
Both are important, hardware firewalls are typically owned by larger businesses.
Hardware firewalls are best suited to businesses and large networks; software firewalls are best suited for the home user who wants easy customization.
I think hardware firewall is more effective than software hardware.Hardware firewall is suit for larger networks while software firewall not suit that.
Both hardware aswell software firewall has their own advantages.
But using combination of both can reduces lots of security concern and can keeps system and networks well protected.
Both hardware and software firewalls is what I would normally recommend, however is does depend on the traffic you are attracting. Go with both, most providers I know of offer a entry level low cost hardware firewall :)
It will be better if both hardware and software firewalls are used. Many people use both. Bigger businesses are use hardware firewall to secure their more than one servers.
The ideal case of server security can be said with a combination of hardware and software firewall. Individual/home users always rely on software firewall. Software firewalls allows you to customize it according to your need. It will protect your computer from attempts to gain access to your machine from outside network. When dealing with a large production servers with lot of sensitive data, a hardware firewall becomes very handy, as it gives extra protection at the hardware level. Along with the software firewall your server will be having strong protection.

Forum statistics

Latest member