Why do I need a dedicated Firewall?

Gidster
Gidster London, UKMember Posts: 224
100 Likes 100 Comments 25 Awesomes 25 Agrees
✭✭✭
Doesn't my basic router do enough to stop unwanted access to my network?
Why would I invest in something else?
Head of Product at Fing
VioletChepil

Answers

  • Pooh
    Pooh Member, Beta Tester Posts: 674
    500 Likes 500 Comments 25 Answers 100 Agrees
    ✭✭✭✭✭
    edited September 3, 2019 #2
    It's a start, but not the end. A standard router is good at stopping unwanted inward traffic from hitting endpoints, but it's also pretty dumb. When you do allow an inward connection, it's got no real ability to do anything other than accept it.

    Equally, the same is true with outbound traffic. Triply so if you have kids. Firewall functionality can block traffic to certain areas of the web for some users (e.g. kids) but allow it for other users.

    Firewalls, be they software of hardware based, often have the ability to subscribe for updates - thus helping preventing users from visitor sites that have been identified as serving malware, or operating as Command and Control centers.

    A firewall isn't the final answer to home network security, it is an extra tool that should be used.

    You don't have to have a firewall - and many folk don't. Most users are traditionally safer with a firewall though. It all comes down to your use case really.

    For example, I've got some friends who need their kids WiFi only devices to be disconnected from chat apps etc. during Homework time. So I'm looking for a device that can have that level of control.
    People say nothing is impossible, but I do nothing every day.
    VioletChepil
  • MDavide
    MDavide Member Posts: 53
    Second Anniversary 25 Likes 10 Comments First Answer
    ✭✭✭
    edited September 3, 2019 #3
    Pooh said:
    For example, I've got some friends who need their kids WiFi only devices to be disconnected from chat apps etc. during Homework time. So I'm looking for a device that can have that level of control.

    For this kind of functionality, I use Screen Time, from Screen Time Labs.

    It gives a high level of customization and I can definitively say that it is worth the monthly fee.

    Not a firewall, but a MDM, indeed.

    Davide
    VioletChepil
  • kltaylor
    kltaylor Member, Beta Tester Posts: 1,231
    1000 Comments 500 Likes 50 Answers 100 Awesomes
    ✭✭✭✭✭✭
    Gidster said:
    Doesn't my basic router do enough to stop unwanted access to my network?
    Why would I invest in something else?
    To me, this is like saying 'Isn't Windows Defender the only AVS and Malware protection that I need for my computer?'
    Simply, the answer is 'No'.
    It's a good start, but not great protection especially if you perform a lot of cloud-based functions from that computer, banking, online shopping, etc.
    Understand that a firewall basically monitors incoming traffic and parses it according to 'rules' defined within it.  All outbound traffic by default is allowed.  Adding a consumer-based firewall isn't a bad idea, Trend Micro has a nice one that integrates rather well with existing hardware. 
    Fingbox also will allow you to actively monitor those connections on your network in a preventative means to keep your network traffic safe and guarded.  It's a Win-Win if you ask me.
    "There's a fine line between audacity and idiocy."
    -Warden Anastasia Luccio, Captain
    VioletChepil
  • VioletChepil
    VioletChepil London, UKMember Posts: 2,471
    100 Answers 500 Likes 1000 Comments 100 Agrees
    ✭✭✭✭✭✭
    Don't forget to choose a BEST ANSWER @Gidster :) 

    Community Manager at Fing

  • Gidster
    Gidster London, UKMember Posts: 224
    100 Likes 100 Comments 25 Awesomes 25 Agrees
    ✭✭✭
    @kltaylor why wouldn't a malware solution from a tech giant with deep pockets like Microsoft, and who wants more people to use it's OS over Mac OS, be just as good as a solution from a smaller business? Where is Windows Defender failing?
    Head of Product at Fing
  • Hronos
    Hronos Member, Beta Tester Posts: 289
    100 Likes 100 Comments Second Anniversary 25 Awesomes
    ✭✭✭✭
    edited September 6, 2019 #7
    Gidster said:
    @kltaylor why wouldn't a malware solution from a tech giant with deep pockets like Microsoft, and who wants more people to use it's OS over Mac OS, be just as good as a solution from a smaller business? Where is Windows Defender failing?
    @Gidster, I believe is just a matter of "trust", for the home side.  For the bussiness a think is the "customization" and other "add-ons" (like DLP's, encryption, etc.) all in one management tool.
    Same with the firewall function on a router, normally is pretty dump, in some cases you can block URL's (like my Tenda router, but it is as a "per device" option, so it's much granular work, and have to be done again for each new device). 
    As I mention on another discussion, I would not want to make the router cluttered with a task another hardware is prepare to, thinking on "that other device" is easy to buy (in my case this is the real problem) and set up.
    Keep looking up!
    kltaylorGidster
  • kltaylor
    kltaylor Member, Beta Tester Posts: 1,231
    1000 Comments 500 Likes 50 Answers 100 Awesomes
    ✭✭✭✭✭✭
    Gidster said:
    @kltaylor why wouldn't a malware solution from a tech giant with deep pockets like Microsoft, and who wants more people to use it's OS over Mac OS, be just as good as a solution from a smaller business? Where is Windows Defender failing?
    That is a very good question.
    I'm a sys/net admin, I subscribe to services like AV-Comparatives and AV-Test to stay up-to-date on the latest trends when it comes to system security.
    Windows Defender, while not a bad product, really doesn't completely cover everything that you want in AVS protection.  While the MS product is a great start for keeping your systems and network protected, I want more in an AVS package.
    I've dealt with systems infected with Malware and Root Kits while only using Windows Defender.  My personal preference is Sophos Home, as it actively decrypts my keystrokes and monitors network traffic as well. 
    "There's a fine line between audacity and idiocy."
    -Warden Anastasia Luccio, Captain
    Gidster