What is the difference between a Windows and Network Firewall?

-

What is the difference between windows firewall and network firewall?

May 10, 2018
So what is the difference?

Well, let's understand the basics of your connection to the internet.

This is what communication looks like going out of your computer. 
Your Computer ------Router------Modem----Provider--Internet

(Sometimes the modem and router are the same unit).

Your network firewall (in a home scenario) sits on your Router or between your mode and router if you have a separate firewall.    

The purpose of the network firewall is to block anyone from randomly coming from the internet and connecting to your home network.  (Anything on your network including your network router).  The goal is to keep the bad guys out.   It does this by blocking traffic according to rules set by default or in advance, or by filtering based on what goes out and if it expects a response.  This is your first line of defense from the internet.  You want to make your network more secure, set your firewall up correctly or pay someone to setup your firewall correctly.  By default you should block all inbound traffic unless you run a webserver out of your house. If you don't know, you don't. Less than .001% of you reading this will run a web server from your home.

Your windows firewall is similar to the network firewall but is physically on your computer.  The windows firewall blocks traffic according to rules but ALSO uses "stateful packet inspection" which means packets coming in must MATCH known traffic that has gone out.   So it does rules but it knows what traffic should be coming in.   This is much more secure as few Network firewalls (on home routers) conduct stateful inspection and are usually just rule based.

Firewalls DO NOT protect against malware.
Firewalls DO NOT prevent you from installing something bad.
Firewalls DO NOT protect you from downloading bad software.
Firewalls DO NOT protect you from giving away your information.

Firewalls ONLY protect you from unauthorized network based attacks against your system.
  --So do I really need them?
    SH!T THE F*CK H3LL YES!

This is a live map of attacks going on globally.  Just follow that link and watch for 30 seconds.
http://map.norsecorp.com/
Or this one
http://www.digitalattackmap.com/#anim=1&color=0&country=ALL&list=0&time=17659&view=map

These are two different vendors. Most have their own maps based on their own sensors across the world. 

There are thousands of automated attacks every second of every day. 

Keep your firewall on.

Even if you have nothing to protect on your network, do you want some hacker using your computer to attack your countries government?
Thank you for reading.
Have a question or comment?  Please ask or leave feedback below.  I'm here to help you.
Please follow and share this blog for more posts like this.

Comments

Post a Comment

Popular posts from this blog

Virtualization: What is it and do I need it?

-
There is a lot of talk about Virtual Machines now but the reality is that it's not for everyone.  TLDR:  Do you play online or graphic intensive games? Don't use a VM.               Do you do heavy video editing or work?  Don't use a VM.               Do you browse on the web ALOT?  It might be a good idea to use a VM.               Do you watch a lot of porn? It might be a good idea to use a VM. Now, for a more in depth look at when and why to virtualize a computer.  Let's say you are heavily into gaming, but you want to keep your work stuff separate from your gaming stuff.  So on your Windows computer you create a Virtual Machine which is basically a computer within the computer.  Microsoft does this through a special service called Hyper-V which is just a fancy name for software based hardware. There are other virtual machine vendors out there like VMware, Virtual Box, Parallels. What a virtual machine does is create a virtual physical computer which you c
Read more

How to copy large files faster.

-
Over many years I have tried dozens of different methods to copy large amounts of files. On home small networks windows drag and drop is sufficient.  But when you start moving 500+gigs and 100k files, you want something more robust. The clear winner is still Robocopy. If you haven't used Robocopy or are afraid of the command line, use winRobocopy.  It is free and builds the command line for you. The reason I recommend Robocopy is MULTI-THREADED.  Windows Drag and Drop uses between 1-8 threads to copy files. Robocopy can be set as high as 128.  This can change 1 day copies to just a few hours. This means it uses 128 channels so is effectively copying up to 128 files or segments of files simultaneously.  There are many additional switches you can use and this GUI makes it really easy to build commands and then copy and paste into the command line.  http://www.upway2late.com/#/projects/winrobocopy  #sysadmin #techtools #techutilities
Read more

Smart Home tips.

-
Smart home technology is becoming ever more popular.  But everyone forgets about one key component that can ruin your experience.  Your home router.   Most people who are not tech savvy use their providers router.   These are typically capable of handling up to 6 devices without major slow downs.   Once you add that 7th device, things become sluggish.  Add 8 and your network may seem downright slow.    My home has about 18 devices 7-12 of which are active all the time.   I use a mid-high end ASUS router with 8 antenna and 3 networks across multiple channels.   I divide my traffic up by putting TV's, Lights, and other appliance types on 1 network.    I put computers, desktop and laptops on the second wireless network. And my phones and kids tablets are on the third network.   I also have an Akita Smart home Monitoring device in addition to my routers packet inspection and firewall features.    I also enable all the default firewall capabilities of every device (where applicable).  F
Read more