Re: Router vs Firewall

otnj2ee · ‎10-23-2005

First I can connect several PCs to a router, then connect this router to an ADSL modem, and finally via this model (which is connected to an local ISP), all the PCs on the LAN can access to the internet;

Now, let's do this with a firewall, i.e., connect several PCs to a Firewall, then connect this Firewall to an ADSL modem, and finally via this model (which is connected to an local ISP), all the PCs on the LAN can access to the internet, too.

So, my question is when should we use the router and when to use firewall?

Especially, nowadays, a router contains "some" firewall inside, while a firewall also contains "some" router inside.

Thanks to help

Scott

ddarby1 · ‎10-24-2005

Hi Scott,

There isn't necessarily a definitve answer to your question. In my view it depends on the scale of implementation, cost, security requirements and technical expertise.

On one hand, you could for example combine everything into a Cisco Router for example, using a Firewall/Encryption feature set, Security Device Manager and even an ADSL card.

The router can be a sensible place to enforce security in a small environment, since it sits on the perimeter. It's also useful because it can support many types of WAN connections.

However, I find it generally easier to enforce & manage security on a firewall - the PIX for example (obvious really as a firewall is purpose built for this).

Also, in a larger environment a company will want to enforce their own security but often won't have direct control over the perimeter routers (provided by ISP).

I think you should try to experiment a bit, but for a small environment, such as you described, a firewall device with a decent GUI should probably provide what's needed.