Firewall overkill

[Tim]

I have a question. Is it overkill to have a firewall on
every computer on a network, even if the main server and
router have one. I think it is and i think my boss is
overkilling the security by putting a firewall on all the
computers. What do yall think?
Thanks for the input!

 

[Kent Smith]

I have a question. Is it overkill to have a firewall on
every computer on a network, even if the main server and
router have one. I think it is and i think my boss is
overkilling the security by putting a firewall on all the
computers. What do yall think?
Thanks for the input!

I suppose it depends on how paranoid you are.

It also depends on how the external firewall is configured, and how
secure your local network is. A good rule of thumb is to think about
putting a firewall between every computer and the outside world. If
you have a hardware firewall with no open ports between all of
internal network and the 'net, then that is probably adequate. But if
you have an insecure wireless LAN, then you may want firewalls on each
machine. Or if your private network includes publicly available
machines that could be used to attack (or snoop) from the inside.

It really depends on how you are set up. But look at it the other
way: Is having all these firewalls causing you any problems? It may
be overkill, but if it causes your boss to have peace of mind, and
there is not real cost associated with it, then you may want to leave
well enough alone.

--Kent

=================================
Kent Smith * IPSO Incorporated
Business * Technology * Solutions
Advising Clients on Technology Strategy
Integrating Complex Systems
Custom Development of Applications and Interfaces

http://www.ipsoinc.com

 

[Guest]

-----Original Message-----


I suppose it depends on how paranoid you are.

It also depends on how the external firewall is configured, and how
secure your local network is. A good rule of thumb is to think about
putting a firewall between every computer and the outside world. If
you have a hardware firewall with no open ports between all of
internal network and the 'net, then that is probably adequate. But if
you have an insecure wireless LAN, then you may want firewalls on each
machine. Or if your private network includes publicly available
machines that could be used to attack (or snoop) from the inside.

It really depends on how you are set up. But look at it the other
way: Is having all these firewalls causing you any problems? It may
be overkill, but if it causes your boss to have peace of mind, and
there is not real cost associated with it, then you may want to leave
well enough alone.

--Kent

=================================
Kent Smith * IPSO Incorporated
Business * Technology * Solutions
Advising Clients on Technology Strategy
Integrating Complex Systems
Custom Development of Applications and Interfaces

http://www.ipsoinc.com
.
Well all the computers have problems and bogg down all

the time. He has a linksys router w/ vpn and Symantics
(however you spell it) Firewall on everything

 

[Steven L Umbach]

It depends on the perimeter firewall and how he wants the network managed. A good SPI
firewall at the perimeter that also has a default block all outbound rule and then
exceptions for allowed outbound traffic based on internal IP adresses may be
adequate. However personal firewalls can provide an extra layer of protection,
particularly do to the fact that they can have firewall rules mapped to applications
protected by MD5 hash which may be desirable to prevent users from using internet or
network applications that they should not be using such as chat programs or file
swapping programs. It can also prevent worms/trojans from accessing other computers
on the lan. I use Zone Alarm on my laptop on my home lan and it does not interfere at
all with access to my network resources. --- Steve

 

[Guest]

The largest security problem is often found on the local network and not on the internet. Firewalls on all computers will always give better security

So I do not see local Firewalls as overkill

Regards J. Langager Petersen