Jason - if you have a hardware firewall you don't need any software firewalls. Hardware firewalls stop anything before it gets to your computer, while software firewalls stop anything after it gets to your machine.

i used pc-cillian and i thought it was great,but i just recently download the AVAST virus and firewall,it works much much better and doesn't slow your system down like Norton and i've seen some better response than PC-Cillian.You can download it from www.webattack.com ...they have a lot of freeware stuff and shareware as well.Check it out.

yarg, you do need a software firewall even with a Hardware firewall....

I actually spend two or three days a month explaining exactly why you need this to customers and such so it is a common myth that you do not need both.

Simply put, the Hardware Firewall even with filtering enabled is going to catch say 89% of attacks but will end up letting 11% of them through because of the fact that your Browser is making an authorized network connection.

Software Firewall products update constantly to keep up to date with emerging exploits. Hardware Firewalls do it periodically on the norm and then again some try to keep up. But even they bring a whole new set of exploits into the picture that they are going to be keeping up with.


Fuzzy

Pix and VPN's are wide open to a network because all it takes is one node to be cracked which is authorized on the VPN and your network is on the road to being owned by another.

Internet is oh so sweet and complete Job security

#4 by Tabasco1TX - 8/30/2003 10:24:01 PM i used pc-cillian and i thought it was great,but i just recently download the AVAST virus and firewall,

There is no firewall mentioned in the description for AVAST.....

ZA, unlike Win XP's ICF, provides outbound monitoring and app control. So unauthorized apps (like Trojans picked up in downloaded files) could be caught trying to access the internet. I've seen cases where an AV misses a trojan and only ZA (or other software firewall with outbound monitoring) brought the trojan to the user's attention when a pop up informed the user that a new app was trying to get net access.

So if the hardware firewall is a NAT router with firewalling capabilities, I would still recommend a software firewall since most so called hardware firewalls (especially if it's really a router) have no outbound screening capabilities. Additionally, during the recent msblaster outbreak some people who thought they were safe because they used a NAT router weren't because they hadn't properly configured it.

Of course, what you should use depends on your internet practices and how concerned you are about layering your security or how technically on top of things you are about security issues and what manner of defenses you can use as well as what safe practices you follow. I ran for 6 months just using ICF without problems. But my internet activities are not particularly adventurous compared to some. Others who do P2P and IRC which is a good source of malware should have a good AV, a dedicated Anti Trojan app and a software firewall with outbound monitoring IMO. YMMV

RE: PC Cillin: Over at Broadband Reports, there aren't many comments about its firewall but those that are there are not complimentary. This thread is announcing a new beta edition of their package but references are made to the current editions firewall as well http://www.dslreports.com/forum/remark,7797738~root=security,1~mode=flat

I'm also a user of PC-cillin and ZA. And am happy with that combination. I was reading the link that sig101 gave us. Looks interesting and mentally debating about whether or not I want to beta test the new version of PC-cilln---or Trend Micro Security 11, as they plan on calling it.