Do I need a dedicated firewall

By jgold1061 ·
I administer the network for the small municipality where we live. The Board has decided to upgrade all the hardware. Fortunately, it's a small, straightforward proposition: One server, three PCs, and three printers. SBS 2011 Essentials on the server, Windows 10 Pro on the PCs.

The main difference is that they want wireless access. Up to now I've made do with the router's firewall. We haven't had any issues mostly because this is a community of about 3300 residents evenly split between young families and seniors.

There is a small core group of "haters" that has issues (mostly irrational) with the current administration. None of them are likely to stoop to hacking but I'd rather not count on that being a guarantee for the future.

Being that there are only two full-time users as well as the 5 member, part-time Board of Trustees who have access to the system, is a dedicated firewall necessary or am I relatively safe sticking with the router?


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

Firewall Questions

by wmanigault In reply to Do I need a dedicated fir ...

What kind of router do you have? Most routers that provide Wireless access have a built in firewall. As long as that is enabled you should not need to invest in a separate firewall for your network. Make sure it is enabled and you have a strong password (not easily guessed) password for the Wireless connection.

Collapse -


by NehaSharma9 In reply to Do I need a dedicated fir ...

Yes, you need a dedicated firewall for sure for maximum security.

Collapse -

Do I need a dedicated firewall

by danielaschuster31 In reply to Do I need a dedicated fir ...

I think by dedicated firewall you mean a hardware-based firewall as opposed to software-based firewall like in your router?

Do you need a dedicated firewall?

Well, a lot of that depends on the router. Some routers has a lot more functionality than low end dedicated firewalls.

Generally, dedicated hardware gives you better functionality for the Firewall role, and includes other perimeter services like:

* More robust application-level gateways (make sure * TCP/80 is really HTTP and not SSH, that kind of thing)
* VPNs, IPSec and SSL.
* Integration with authentication systems
* Ability to proxy certain application traffic

There is also a strong argument to make about having a dedicated device handle your perimeter connection: Should an external attack take out your border device the only thing affected on your network is the connection to the outside world.

Regardless of what you will choose, you should also perform a network security test with a dedicated tool like Breaking Point.

It can simulate real user environment and test an validate infrastructure. Inject security attacks and malware into that simulated traffic to test the resiliance of your security infrastructure.

Related Discussions

Related Forums