Do I need a dedicated hardware firewall?

This is a question that we are often asked by small and medium sized businesses. They get confused when hearing about software firewalls and about routers with embedded firewalls and are often left wondering whether it is worth protecting their network with a dedicated hardware firewall or if their router and software firewalls provide adequate protection.

What does a firewall do?

Firewalls inspect traffic between your network or your computer and the outside world. A firewall can make sure that information that enters or leaves your network is safe and not malicious, but it can also be used for network access control, application control and web filtering to name a few.

Difference between a hardware firewall, a software firewall and a router with an integrated firewall.

A software firewall is installed to an individual computer and it only protects that single device. It mainly controls the behaviour of specific applications as for example blocking access to specific websites. Most popular operating systems come with a free software firewall (e.g., Windows comes with Windows Defender).

A hardware firewall is a physical device installed between your router and your switch (at the perimeter of the network) and protects all devices on the network. A dedicated hardware firewall has usually many more features and controls than a router with an embedded firewall or a software firewall. It provides control from a single device over the whole network and allows you to easily apply policies and decide what kind of traffic is allowed or not.

Hardware firewalls are much more resistant to malware since their operating system was designed specifically for this purpose in contrast to popular software or operating system firewalls that are often the target of malware developers who often find way to circumvent them. Furthermore, a hardware firewall can ease the burden on computing resources (for example if you have a hardware firewall you can disable software firewalls which free up memory and processing power).

Routers with firewall or protective capabilities in general may seem like an attractive option to some but they offer limited protection and are not recommended when a business is interested in a comprehensive security solution. There are a number of network attacks that they would not typically detect but would offer some very basic protection.

Should I opt for a hardware firewall?

Having a hardware firewall, would be the better options for SME’s of all sizes. The cost of obtaining one is not prohibitive and its cost is dependent on the size of the business.

Small Business IT Support London, is a Sophos partner, which offers a variety of options for businesses of different sizes. However, our technicians can work with a variety of vendors should that be a requirement.

A Sophos firewall combined with Sophos antimalware software can provide a very comprehensive security solution for your company with a variety of features such as web and application control, wireless access point management, encrypted traffic inspection, web application protection, email spam protection, phishing protection, VPN connectivity as well as remote site connectivity.

Please talk to us about your requirements and we will advise on the best solution for your network.