Communiquez avec les autres et partagez vos connaissances professionnelles

Inscrivez-vous ou connectez-vous pour rejoindre votre communauté professionnelle.

Suivre

What is different between firewall hardware device example (watch guard) and firewall application. example (tmg)? what is the advantage & disadvantage?

user-image
Question ajoutée par Tarek Abd El Moneam Mohamed Sleem , IT Manager & Consultant , Construction Engineering and services (Conc-Group)
Date de publication: 2013/10/06
Utilisateur supprimé
par Utilisateur supprimé

Basically the hardware fireall comes with a dedicated hardware...we can do nothing in that otherthan the preconfigured firewall...and the software firewall u can install in any recommended hardware...old era software firewalls were treated like desighned for minimal purpose like home users...bult TMG is pure feature packed typical industrial product...like every microsoft product ..master it to love it...

Ahmad Yassein
par Ahmad Yassein , Infrastructure Network Manager , Ministry of International Cooperation (MIC)

Hardware Firewalls: (Pros)

1) It has its own dedicated memory for building connection tables, translation tables, IPSec SAs, and other security parameters.

2) It has a dedicated encryption/hashing accelerator to handle encryption processes in IPSec VPNs, SSL VPNs, and other security features that needs encryption/hashing.

3) It normally comes with more physical interfaces than you can find in a normal NIC in a PC.

4) It is protected from physical breaches by design.

 

Hardware Firewalls: (Cons)

1) Not easy to manage. You have to be familiar with the complicated command line interface (CLI) commands.

2) Even if you want to use GUI, you need to install it first in the internal flash and then call it via web browser. The GUI is even not friendly. (talking about ASDM in Cisco here)

3) You have to reserve a new unused rack space for it.

 

Software Firewalls: (PROS)

1) Easy to manage and more GUI friendly.

2) Straightforward application installation.

3) You can use an existing server to install it and no need to purchase additional hardware for it.

 

Software Firewalls: (CONS)

1) Vulnerable to exploitation.

2) Encryption/Hashing processes is extremely slow and not accurate.

3) IPSec VPNs is not stable if the other end is a hardware VPN platform.

 

Well, that is what i remember for now. You're most welcome to add some additional thoughts to my list.

 

More Questions Like This