Hardware Firewall vs. Software Firewall: Which one do I pick?

Choosing between a hardware firewall and a software firewall for your network is an important decision and should be thought out carefully.

First, the job of a firewall is (oversimplified explanation coming) to examine the data that comes  in and out of your network.   A hardware firewall is a separate device (in the same way that your printer is a separate device) that sits between the internet (E.g. often your cable modem) and your network, and as said above, it checks and “filters” the data coming in and out based on rules that you set.   A software firewall works similarly, except that a software firewall is a program that runs on your computer (in the same way that word is a program that runs on your computer).

Basic Advantages and Disadvantages of Hardware Firewalls

Other than having a very cool box to show your neighbors, there are distinct advantages and disadvantages to a hardware firewall.

1. Hardware firewalls make managing the firewall settings for an entire network easy so that individual machine configuration isn’t required.  The caveat to this is that it’s still a good idea to have software firewalls on the machines even though a hardware firewall is in place.

2. Hardware firewalls don’t eat up processing power from your computer, and as a separate device, won’t slow down your machine as do some software firewalls (the same caveat as in “1” above still applies).

3.  From a cost perspective, it may be less expensive on a large network to have a hardware firewall than it would be to purchase sofware for each individual machine.  Again, this is a decision that needs to be made by your IT person, as only he or she will know if you need to have hardware and software firewalls in place.

4. Hardware firewalls are generally more expensive than software firewalls, and often require more technical expertise  to configure.  As a general rule, a hardware firewall is often overkill for the average home user.

5. Software firewalls, while not too expensive, often require user input regarding whether or not to allow certain traffic on a computer.  In a business environment, it may not be a great idea to allow untrained personnel to make decisions regarding what traffic can come in and out of the network.

On a final note, know that some routers do come with built-in firewalls.  These firewalls often aren’t as configurable as stand-alone hardware firewalls, but they still may be able to meet the needs of your network.

This article presented only a basic overview of hardware vs software firewalls, and armed with this knowledge you can now start exploring specific products for your network.

Related posts