Home > Ask the Networking Experts > Questions & Answers > Which is better - a firewall appliance or a dedicated machine running firewall software?
Ask The Networking Expert: Questions & Answers
EMAIL THIS

Which is better - a firewall appliance or a dedicated machine running firewall software?

Puneet Mehta EXPERT RESPONSE FROM: Puneet Mehta

Pose a Question
Other Networking Categories
Meet all Networking Experts
Become an Expert for this site
>
QUESTION POSED ON: 15 October 2003

This is a question in regards to creating a firewall for my business; we have roughly 350 computers with six servers. Budget is not an issue, security is.

I've been reading up on firewalls and am having difficulty seeing through to the facts of which is actually better, a firewall appliance, or a dedicated machine running firewall software. Each of the companies that make them say that their product is better, and I can't seem to find out which one actually is.

Have you got any advice as to which one might be more suitable?


>
It's a fact that firewalls are moving to appliances and the reason behind it is to make them as secure as possible. It's not the appliance itself, which makes a difference, but the OS (firmware), memory, processing power, architecture and the kernel, which drives it.

The major problem seen with the software-based firewalls is the performance basically with network traffic control, since it relies totally on the underlying hardware for its stability and performance. Moreover, any missed security patches on the underlying OS can have the firewall system compromised even while the Firewall is running. A firewall is not isolated in a design, but rather integrated with corporate VPNs and IDS as well.

When it comes to a firewall, downtime is a big NO. It requires a high processing and memory power to perform all these transactions. In fact Nokia last year announced that all of its enterprise range firewalls will be appliance based. Why have firewall software from one and install it on another vendor's hardware, when you can have a single vendor providing all the services in just one box. Appliance takes away the headache of maintaining security patches for each – the hardware, OS and the firewall software.


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
Browse our Expert Advice



Expert networking advice and tips for IT professionals
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2000 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts