1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Router Firewall vs Hardware Firewall

Discussion in 'Networking' started by tech.jk, Sep 8, 2011.

?

Router Firewall vs Hardware firewall - which one (In terms of speed AND protection)

Poll closed Sep 15, 2011.
  1. Router firewall only

    0 vote(s)
    0.0%
  2. Hardware firewall only

    0 vote(s)
    0.0%
  3. Both Router and Hardware firewall

    0 vote(s)
    0.0%
  4. Firewall? Who needs that!?

    0 vote(s)
    0.0%
Thread Status:
Not open for further replies.
Advertisement
  1. tech.jk

    tech.jk Thread Starter

    Joined:
    Aug 4, 2007
    Messages:
    208
    Hey everyone!
    Just out of curiousity, do you think there would be a visible (or negligible) difference in internet speed if I used a hardware firewall as opposed to the router's inbuilt firewall?

    So assuming that all switches/ports were Gigabit Ethernet compatible (including the firewall itself), would it be a better idea to turn off the router/modem's firewall and use the hardware firewall, or would it be best to just stick with the router firewall?

    The reasoning behind this is that I'm not a big fan of Netgear... or their firewall system. After recent DDoS attacks (and IP address changes), I've decided to put a computer that was lying around to good use - Use it as a (Linux) firewall. iptables, here we come. :rolleyes: - Yes, the Netgear router (CVG824G) has died a few times. Probably going to get upgraded to a NG CG3000, which uses (more or less) the same firewall system, I assume.

    Thoughts?
     
  2. prunejuice

    prunejuice

    Joined:
    Apr 2, 2002
    Messages:
    3,408
    A router firewall is essentially a hardware firewall.
     
  3. zx10guy

    zx10guy Trusted Advisor

    Joined:
    Mar 30, 2008
    Messages:
    4,373
    I don't understand your reference to a DDoS attack. Are you saying your Netgear suffered a DDoS?

    I think your issue with Netgear is more of an issue with a particular model as there are other Netgear routers which operate reliably.

    As far as what constitutes a hardware firewall, it depends. Some firewalls have firmware specifically designed for firewall duties. Some firewalls add in better processors and ASICs designed for firewall duties.
     
  4. Couriant

    Couriant Trusted Advisor

    Joined:
    Mar 26, 2002
    Messages:
    30,995
    I think any software based firewall like you mentioned (other is smoothwall) you might have more control on the data traffic, but speeds should not be hindered unless you use 10Mbps NICs...
     
  5. tech.jk

    tech.jk Thread Starter

    Joined:
    Aug 4, 2007
    Messages:
    208
    Sort of. Unless my ISP was messing with me and restarted the router... I saw the thing restart right in front of my eyes...

    But yeah - I'm basically wondering (once again, assuming that they're all Gigabit NICs, as I mentioned above) would there be a noticeable speed difference?

    My idea was just to forward all the packets to the dedicated firewall, get the PC (essentially) to filter out the dodgy packets, as opposed to the modem/router having to deal with it, potentially slowing it down.
     
  6. zx10guy

    zx10guy Trusted Advisor

    Joined:
    Mar 30, 2008
    Messages:
    4,373
    This doesn't mean you were a vicitim of a denial of service attack. There have been documented cases of some Netgear routers rebooting due to issues with the firmware or overheating. One such router was the WGT624v1.

    Just because you put Gigabit interfaces onto a box to run as a firewall, does not mean the box will run at line rate. The Cisco ASA5520 does not run at full 1 Gig throughput. It runs more at around 440 Mbps. This firewall is about $5k and is a purpose built firewall appliance.
     
  7. tech.jk

    tech.jk Thread Starter

    Joined:
    Aug 4, 2007
    Messages:
    208
    Interesting.
    Well, thanks for that, zx10guy!

    You know what really depresses me sometimes? The fact that people won't quite read your original post, assume something, then go on about other stuff.

    I mean, what's the point of a tech support website when the people who normally respond first are more likely to well, treat you like an idiot regardless of context? You may as well have a generic response for every single question that is posed.
     
  8. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1016583