Firewall Wizards mailing list archives

Re: firewalls and routers

From: "Horvath, Kevin M." <KEVIN.M.HORVATH () saic com>
Date: Wed, 15 Nov 2006 10:05:48 -0500

1. if we are using a router, does that mean a computer that processes credit

cards does not need to have its firewall enabled?

Do you mean since you are using a router that has some sort of ACL applied?
Otherwise a router routes packets and without any additional features
enabled (this depends on the vendor as the capability ie, nat, limitied ids
signatures, pbr, acls, etc) then it will not provide security.  Even if you
do have everything enabled on the network side (and throw in the kitchen
sink) you still need a hids/hips and some form personal firewall whether
it's a tcp wrappers, a commercial fw, etc.

2. can a router have a firewall and if so, how does one get to it to 
configure it?

In short some can and some cant it depends on the vendor, model, and the
licensing for it.  The next question is do you really want to do this?  The
answer depends on the amount of traffic you push, the size of your network,
current design(including the types of devices currently in production), etc.
if you enable the firewall functionality on router it will take a
performance hit.

Hope this helps.


Kevin M. Horvath
CISSP, CCSP, GCIH, INFOSEC, CQS-FW, CQS-VPN, CQS-IDS, CCNA
SAIC - IT Security Division



-----Original Message-----
From: firewall-wizards-bounces () listserv cybertrust com
[mailto:firewall-wizards-bounces () listserv cybertrust com] On Behalf Of phil
connelly
Sent: Tuesday, November 14, 2006 10:45 PM
To: firewall-wizards () listserv icsalabs com
Subject: [fw-wiz] firewalls and routers

I'm afraid I have some really basic questions (I'm trying to resolve a 
potential security issue where I work).

1. if we are using a router, does that mean a computer that processes credit

cards does not need to have its firewall enabled?
2. can a router have a firewall and if so, how does one get to it to 
configure it?

thx

pc

_________________________________________________________________
Stay in touch with old friends and meet new ones with Windows Live Spaces 
http://clk.atdmt.com/MSN/go/msnnkwsp0070000001msn/direct/01/?href=http://spa
ces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&mkt=en-us

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

firewalls and routers phil connelly (Nov 15)
- Re: firewalls and routers Paul D. Robertson (Nov 15)
- Re: firewalls and routers sai (Nov 15)
- <Possible follow-ups>
- Re: firewalls and routers Horvath, Kevin M. (Nov 15)
- Re: firewalls and routers Andrew Isdale (ZA) (Nov 27)