Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Linksys BEFSR11 router as a firewall?

Status
Not open for further replies.
DavidRock

DavidRock

Programmer
Jul 24, 2002
61
US
Hello,
What is the difference between a router and a firewall? The above router says it can function as a firewall because it has "built-in NAT" technology. I only need to protect 3 PC's but do not wish to compromise on security. Are the two devices essentially the "same thing"?

Thanks,
David Rock
 
Sort by date Sort by votes
A router and a firewall are certainly not the same thing, however, a router perform many of the functions of a firewall, and a firewall can perform many of the functions of a router.

I see a lot of routers these days that claim to be firewalls simply because they perform Network Address Translation (NAT).

NAT is certainly a first step towards filtering unwanted inbound traffic, and for many home users (who probably don't allow any inbound network connections) it is far superior to what they had before (nothing).

Firewalls can also perform "stateful packet inspection," which means that they look at every inbound packet and make sure that a connection handshake occured previously and is in their state list. If it isn't, the packet is automatically rejected, which blocks the half-open and half-closed scans that are so commonly performed across the internet. Many firewalls also offer application proxies, that allow the firewall to filter certain (possibly malicious) content in the connections, like Java in web pages or other active content in emails. And firewalls generally perform defragmentation, so that fragmented packets can't be used to DoS or avoid detection in an IDS.

But all of those extra features come at a cost. You have to understand and configure them in order to make your firewall useful.

So, if you are just using it to protect your home machines, and you aren't going to put up a server behind your router/firewall that accepts connections from the internet, then a router/firewall is probably close enough.
pansophic
 
Upvote 0 Downvote
Well put, pansophic. I might add that a router will do nothing about outbound traffic, whereas a good firewall should alert you if there's packets being sent out that the user didn't initiate (like what would be caused by a trojan).
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
720
Sameer258
Sameer258
TheFireman2
  • Locked
  • Question
Help with Watchguard Firebox M200 setup as a TMG 2010 replacement with ASA 5515 as main firewall
Replies
1
Views
201
hairlessupportmonkey
hairlessupportmonkey
Sparrow4
  • Locked
  • Question
AnyConnect + Azure + SAML
Replies
0
Views
516
Sparrow4
Sparrow4
intel233
  • Locked
  • Question
ASA5510 - SSL Cert
Replies
0
Views
458
intel233
intel233
quar
  • Locked
  • Question
Moving a rule
Replies
2
Views
270
iggsterman
iggsterman

Part and Inventory Search

Sponsor

Back
Top