Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
SDSL router running NAT. how secure is it?
- Thread starter wardog25
- Start date
I like very much the discussion here:
MaxPipeline
Vendor
NAT is not a good substitute for a firewall. Although NAT by nature drops any incoming packets not in it's NAT table by default, this does nothing if you have an infected PC on the inside sending requests out to the Internet. It would be wise to have a firewall between the router and your PC's. Or at the very least have personal firewalls configured on your PC's There are some free ones out there that do a decent job. Do a search for firewalls on downloads.com. I'm partial to ZoneAlarm mself.
- Thread starter
- #5
MaxPipeline
Vendor
What make and model is your router? Does your router even have firewall capabilities? If not then you might have to install another piece of hardware between your router and the rest of your network. The costs of these vary considerably, but one possible inexpensive solution is to set up a spare PC as a proxy server and run your firewall on that machine. There are plenty of threads that describe how to do this on this board.
As for each individual PC, it is still a good idea to have some sort of personal firewall on each machine.
As for each individual PC, it is still a good idea to have some sort of personal firewall on each machine.
- Thread starter
- #7
Netopia is all I can remember off the top of my head. But it is just an SDSL router/modem provided by the DSL company. I doubt it is capable of much of anything.
Why bother setting up a firewall on each machine if you have a proxy server with one?
Why bother setting up a firewall on each machine if you have a proxy server with one?
MaxPipeline
Vendor
It is still a good idea for protection from viruses and trojans for example. In case one of your 70 PC's pickes up a virus or trojan it shouldn't affect the other 69 PC's. In this day and age of hackers, worms, viruses, trojans, spyware, etc. you can never have too protection. Of course your level of security is really up to whatever your comfort zone is. So perhaps for you individual PC firewalls maybe overkill. But to me I think you can never be too careful.
One more thing. Windows XP has Internet Connection Firewall built in. If your PC's have WinXP you can simply turn it on if it isn't on already. But Win2K or earlier does not have this feature. Just thought I'd throw that out there as well.
One more thing. Windows XP has Internet Connection Firewall built in. If your PC's have WinXP you can simply turn it on if it isn't on already. But Win2K or earlier does not have this feature. Just thought I'd throw that out there as well.
That's right. The proxy acts as a buffer between your LAN and the internet, not between network resources within your LAN. In a large network environment, placing a firewall on each workstation is overkill, since a higher level solution needs to exist on each server. However in a smaller environment such as yours, having one on each might not be a bad idea. It's not necessarily overkill, and a little pain now can save a lot later.
~cdogg
[tab]"All paid jobs absorb and degrade the mind";
[tab][tab]- Aristotle
[tab][navy]For general rules and guidelines to get better answers, click here:[/navy] faq219-2884
~cdogg
[tab]"All paid jobs absorb and degrade the mind";
[tab][tab]- Aristotle
[tab][navy]For general rules and guidelines to get better answers, click here:[/navy] faq219-2884
- Status
Similar threads
- Locked
- Question
- Locked
- Question