Using Firewall Software and computers connected via router

Currently I use Zone Alarm software on my computer. If the computer is now
connected to a router (wireless), is it necessary to still have this
software on the computer. If not, what is the consequences of leaving it
on?

--
Have a great day, except you spammers
To email, remove the obvious

.......

On 21-Jun-2005, "Les" <(E-Mail Removed)> wrote:

> Currently I use Zone Alarm software on my computer. If the computer is
> now
> connected to a router (wireless), is it necessary to still have this
> software on the computer. If not, what is the consequences of leaving it
> on?
>
> --
> Have a great day, except you spammers
> To email, remove the obvious
>
> ......

It can be argued that since you are using your router's firewall (NAT and/or
SPI), you don't really need your software firewall. Still, I prefer both.
Normally, your hardware firewall will prevent access to your LAN from the
WAN (internet) unless you provide access. I use my software firewall to
monitor programs and apps trying to gain access to the WAN. Depending on how
you use them, software firewalls can aid in the detection of spyware. In
summary: Hardware firewalls - protection from intruders. Software Firewalls
- monitors data trying to gain access to the internet without your knowledge
or approval.

--
Just Me, D

On Tue, 21 Jun 2005 20:01:33 GMT, "Les" <(E-Mail Removed)>
wrote:

> Currently I use Zone Alarm software on my computer. If the computer is now
> connected to a router (wireless), is it necessary to still have this
> software on the computer. If not, what is the consequences of leaving it
> on?

If you have a NATed router, your hosts are pretty well protected from
outside. But viruses and malware coming in on carelessly handled email
may infect a computer with a zombie, and a firewall can do something which
the router can not - limit damage from programs running inside on network.

Tony

I am told (but am prepared to be smashed to the ground) that the Router
(with it's hardware firewall) should be OK with the XP firewall running
as well ..... not too sure about Zone Alarm, but you will soon get to
know as the signal (to wireless PC's/Laptops)will keep dropping /
disconnecting etc, in which case disable ZA, if not leave it running.
;-)

Doug Jamal wrote:
> It can be argued that since you are using your router's firewall (NAT and/or
> SPI), you don't really need your software firewall. Still, I prefer both.
> Normally, your hardware firewall will prevent access to your LAN from the
> WAN (internet) unless you provide access. I use my software firewall to
> monitor programs and apps trying to gain access to the WAN. Depending on how
> you use them, software firewalls can aid in the detection of spyware. In
> summary: Hardware firewalls - protection from intruders. Software Firewalls
> - monitors data trying to gain access to the internet without your knowledge
> or approval.
>
> --

Yep .......... Doug's advice is usually sound!!

Les wrote:

> Currently I use Zone Alarm software on my computer. If the computer is
> now connected to a router (wireless), is it necessary to still have this
> software on the computer. If not, what is the consequences of leaving it
> on?
>

The only thing the PFW solution can do is stop outbound that the typical NAT
router cannot do or protect other machines on the LAN, which really doesn't
do much good if the machines are doing resources sharing with each other.
Typical NAT routers running SPI and some other FW like features are not FW
appliances running ture FW software.

A PFW solution is not a FW. It doesn't separate two networks. The PFW
solution is only software that provides machine level protection. Anything
running at the machine level, you should not treat it like a crutch and
think that it's a stop all and ends all solution and trust it completely.
as malware and Trojans can circumvent and defeat it.

If the NAT router has logging capabilities, then you should enable its
logging and use a logviewer like Wallwatcher, Kiwi Syslog Daemon or others
and watch inbound and outbound traffic to/from the router to possible
dubious remote IP(s).

I would say implement the PFW or some other packet filtering software on the
machines to supplement a NAT router.

If you had a FW appliance, then I would say you could dump the PFW solution
on the machines.

Duane

On 21-Jun-2005, "Jack Ouzzi" <(E-Mail Removed)> wrote:

> Yep .......... Doug's advice is usually sound!!

Thanks Jack, you're way too kind. Like everyone else, I help when I can and
when I cannot, I stay silent and learn from others. Thanks again and take
care.
--
Just Me, D

On 21-Jun-2005, "Jack Ouzzi" <(E-Mail Removed)> wrote:

> I am told (but am prepared to be smashed to the ground) that the Router
> (with it's hardware firewall) should be OK with the XP firewall running
> as well ..... not too sure about Zone Alarm, but you will soon get to
> know as the signal (to wireless PC's/Laptops)will keep dropping /
> disconnecting etc, in which case disable ZA, if not leave it running.
> ;-)

A NAT and/or SPI router can usually co-exist with a software firewall
without any problems. On the other hand, the Windows firewall often has a
fit when used in conjunction with a third party firewall.

--
Just Me, D