Većina korisnika računala upoznata je s pojmom vatrozid^(Firewall) . Vatrozidovi su hardverski^(Hardware) uređaji ili softverski^(Software) programi koji nadziru dolazne i odlazne veze analizirajući paketne podatke na zlonamjerno ponašanje. Kao što definicija kaže, postoje i softverski^(Software) i hardverski vatrozidi^{(Hardware Firewalls)} . U ovom modernom dobu, doslovno smo u ratu s hakerima i programerima zlonamjernog softvera i virusa, cijelo vrijeme i sigurnost podataka postala je briga broj jedan. Kako bismo zaštitili svoja računala, koristimo sigurnosni softver kao što su AntiVirus i Firewall –^{(Firewalls –)} a kao što smo upravo spomenuli, postoje dvije vrste vatrozida – Hardverski vatrozidi^{(Hardware firewalls)}  i Softverski vatrozidovi^{(Software firewalls)}.

Hardverski^(Hardware) vatrozid u odnosu na softverski^(Software) vatrozid

U ovom članku ćemo govoriti o razlici između softverskog vatrozida^{(Software Firewall)}  i hardverskog vatrozida^{(Hardware Firewall)} .

Hardverski vatrozid

Hardverski vatrozidi^{(Hardware Firewalls)} se uglavnom mogu vidjeti u širokopojasnim modemima i prva su linija obrane, koristeći filtriranje paketa^{(Packet Filtering)} . Prije nego internetski^(Internet) paket stigne na vaše računalo, hardverski vatrozid^{(Hardware Firewall)} će pratiti pakete i provjeriti odakle dolaze. Također provjerava može li se IP adresa ili zaglavlje vjerovati. Nakon ovih provjera, paket tada stiže do vašeg računala. Blokira sve veze koje sadrže zlonamjerno ponašanje na temelju trenutačne postavke vatrozida^(Firewall) na uređaju. Hardverskom vatrozidu^{(Hardware Firewall)} obično nije potrebna velika konfiguracija. Većina pravila je ugrađena i unaprijed definirana te se temelji na tim ugrađenim pravilima; dovršeno je filtriranje paketa^{(Packet Filtering)} .

Današnja tehnologija je toliko poboljšana da se ne provodi samo tradicionalno filtriranje paketa^{(Packet Filtering)} . Hardverski vatrozid^{(Hardware Firewall)} ima ugrađen IPS / IPDS ( Sustavi za sprječavanje upada^{(Intrusion Prevention Systems)} ), koji je ranije bio zaseban uređaj. Ali sada su oni uključeni, nudeći nam veću zaštitu.

Kada IPDS otkrije zlonamjernu aktivnost, šalje i signalizira i resetuje vezu te blokira IP adresu. Koristi analizu protokola temeljenu na potpisu, statističkim anomalijama i analizu stanja. Više o tome možete pročitati ovdje^(here) . Ali glavni nedostatak koji smatram je to što dozvoljava sve odlazne pakete, tj. ako je slučajno zlonamjerni softver ušao u vaš sustav i počeo prenositi podatke, to bi bilo dopušteno osim ako korisnik nije svjestan toga i odlučio ga zaustaviti. Ali u većini slučajeva to se ne događa.

Hardverski vatrozid^{(Hardware Firewall)} je obično dobar za vlasnike malih ili srednjih poduzeća, s 5 ili više računala ili okruženjem za suradnju. Glavni razlog je taj što tada postaje isplativo jer ako kupite licence softvera Internet Security/Firewall za 10 do 50 kopija, i to također na godišnjoj osnovi pretplate, to će koštati puno novca, a implementacija bi također mogla biti problem. Korisnici će imati bolju kontrolu nad okolišem. Ako korisnik nije tehnički pametan i ako odluči nenamjerno dopustiti vezu koja ima zlonamjerni softver^(Malware) , to bi moglo uništiti cijelu mrežu i ugroziti tvrtku sa sigurnošću podataka. Hardverski vatrozid bi stoga mogao biti vrlo koristan u takvim slučajevima.

Uvijek postoji nekoliko stvari koje morate uzeti u obzir^{(things you have to consider)} prije kupnje hardverskog vatrozida. Broj korisnika u vašoj mreži, broj VPN korisnika u vašoj mreži, jer bi podcjenjivanje broja moglo iscrpiti performanse vašeg uređaja i utjecati i na izvedbu internetske^(Internet) veze. Također, provjerite imate li dovoljno licence za VPN vezu s klijentom, a ima li i podršku za SSL , PPTP itd. vezu. Čak i ako morate platiti pretplatu, pokušajte – jer pretplata znači da dobivate najnovije definicije.

Proizvođači sada uključuju Gateway Antivirus , skenere zlonamjernog softvera i ^(Malware)filtre sadržaja^{(Content Filters)} , tako da ćete s njima dobiti maksimalnu zaštitu. Na primjer, CISCO hardver^{(CISCO Hardware)} uključuje “Cisco ProtectLink sigurnosna rješenja” na odabranim uređajima. Obrađuje specifičnu sigurnosnu prijetnju, a kao dio ukupne sigurnosti, pristup pruža slojeve zaštite od različitih prijetnji.

Postoji mnogo tvrtki koje možete birati kao što su CISCO , SonicWall , Netgear , ProSafe , D-Link , itd. Provjerite imate li uz sebe certificiranog mrežnog stručnjaka tijekom postavljanja ili dobru tehničku podršku jer vjerujte mi, trebat će vam ih kada konfigurirate sustav.

Pročitajte^(Read) : Različite vrste vatrozida : njihove prednosti i nedostaci

Softverski vatrozid

Sada kada znamo kako hardverski vatrozidi^{(Hardware Firewalls)} rade, govorit ću malo o softverskim vatrozidima^{(Software Firewalls)} . Da budem iskren, softverski vatrozidi^{(Software Firewalls)} ne trebaju puno objašnjenja jer je većina nas toga svjesna i već ih koristi. Kao što sam rekao u odjeljku Hardverski vatrozid^{(Hardware Firewall)} , ako korisnik nije informiran o tehnologiji i ako odluči dopustiti vezu koja ima zlonamjerni softver^(Malware) , to bi moglo uništiti cijelu mrežu i ugroziti tvrtku sa sigurnošću podataka. Tu se pojavljuje softverski vatrozid, jer ovdje možemo blokirati i dolazne i odlazne veze i postaviti pouzdana pravila kako bi se te nezgode mogle izbjeći.^{(That’s where software firewall comes into the picture, as here can we block both incoming and outgoing connections and set up trusted rules so these accidents can be avoided.)}  Dobavljači vatrozida neprestano istražuju ovo pitanje i vide ažuriranja prema potrebi, tako da su šanse da vaše računalo bude ugroženo male.

Zbunjujući je posao odabrati cjelovito rješenje Internet Security koje je pravo za vas. Kada pretražujete po forumima, možete vidjeti goruću raspravu u kojoj svaki član brani svoje omiljene. Izgubit ćete se u ovim raspravama koje će završiti zbunjenijima nego kad ste započeli. Pravilo je da svoje prioritete postavite ravno. Napravite popis stvari koje želite. Na primjer, želite li besplatno rješenje vatrozida^(Firewall) ili plaćeno? Koje su vam značajke potrebne u vašem vatrozidu^(Firewall) , koje su dodatne značajke potrebne, kao što su npr . Antispam , Web zaštita^{(Web Protection)} , skener zlonamjernog softvera , ^(Malware)Antivirus , itd. Želite li dobiti Internet Security Suite? Kada se odlučite, usporedite značajke. Za jednu upotrebu koristim Windows vatrozid^(Firewall) . Jedini nedostatak koji smatram da ima je to što prema zadanim postavkama dopušta sve odlazne veze. Stoga sam koristio dodatnu aplikaciju pod nazivom Windows Firewall Control – koju možemo postaviti da blokira sve odlazne veze i pravila postavljanja za one koje želimo, jednostavnim klikom. Imaju i besplatnu verziju i profesionalnu plaćenu verziju, ali besplatna verzija je više nego dovoljna. Windows Firewall Control  i Windows Firewall Notifier su druga dva besplatna softvera koja možete provjeriti.

Kao što je Marcus J. Ranum rekao: "Računalna sigurnost nije ništa drugo nego pozornost posvećena detaljima^{(attention to detail)} i dobar dizajn^{(good design)} ". Nadam se da će vam ovo pomoći da odlučite koju želite.

Sophos XG Firewall Home Edition je softver za vatrozid hardverskog tipa koji biste možda htjeli pogledati.

Tomorrow we will list some good freeware third-party firewall software for Windows, so stay tuned! But while on this topic, we’d love to hear of any hardware firewalls you’d like to recommend.

Hardware firewall vs Software firewall - Difference

Most computer users are familiar with the term Firewall. Firewalls are Hardware devices or Software programs that monitor incoming and outgoing connections analyzing the packet data for malicious behavior.  Like the definition says, there are both Software and Hardware Firewalls. In this modern age, we are literally at war with hackers and malware and virus developers, all the time and data security has become the number one concern.  To protect our computers, we use security software like AntiVirus and Firewalls – and as we just mentioned, there are two kinds of firewalls – Hardware firewalls and Software firewalls.

Hardware firewall vs. Software firewall

In this article, we’ll talk about the difference between Software Firewall & Hardware Firewall.

Hardware Firewall

Hardware Firewalls are mostly seen in broadband modems, and are the first line of defense, using Packet Filtering. Before an Internet packet reaches your PC, the Hardware Firewall will monitor the packets and check where it comes from. It also checks if the IP address or header can be trusted. After these checks, the packet then reaches your PC. It blocks any links that contain malicious behavior based on the current Firewall setup in the device. A Hardware Firewall usually does not need a lot of configuration. Most of the rules are built-in and predefined and based on these inbuilt rules; the Packet Filtering is done.

Today’s technology has improved so much that it not just the traditional Packet Filtering which is carried out. The Hardware Firewall has built-in IPS / IPDS (Intrusion Prevention Systems), which earlier used to be a separate device. But now these are included, offering us greater protection.

When an IPDS detects malicious activity, it sends and signal and reset the connection, and blocks the IP address. It uses signature-based, statistical anomaly-based, and stateful protocol analysis. You can read more about this here. But the main drawback I find is that it allows all the outgoing packets, i.e., if by chance, malware got into your system and started transmitting data, it would be allowed unless the user became aware of it, and decided to stop it. But in most cases, this does not happen.

Hardware Firewall is typically good for small or medium business owners, with 5 or more PC or a co-operate environment. The main reason is that it then becomes cost-effective because if you’re to purchase Internet Security/Firewall software licenses for 10 to 50 copies, and that too on an annual subscription basis, it will cost a lot of money and deployment could also be an issue. The users will have better control over the environment. If the user is not tech-savvy and if they choose to inadvertently allow a connection that has Malware behavior, it could ruin the entire network and put the company at risk with data security. A hardware firewall could thus be very useful in such cases.

There are always few things you have to consider before buying a Hardware-based firewall. The number of users in your network, the number of VPN users in your network, because underestimating the number could exhaust the performance of your device and affect the performance of the Internet connection as well. Also, make sure you have enough license for VPN client connection, and it has SSL, PPTP, etc. connection support too. Even if you have to pay a subscription, go for it – because a subscription means that you get the latest definitions.

Manufacturers are now including Gateway Antivirus, Malware scanners, and Content Filters, so you’ll get maximum protection with them. For example, CISCO Hardware includes  “Cisco ProtectLink Security Solutions” on selected devices. It addresses a specific security threat, and as part of overall security, the approach provides layers of protection against different threats.

There are a lot of companies you can choose from like CISCO, SonicWall, Netgear, ProSafe, D-Link, etc. Make sure you either have a certified network professional with you while setting up or good tech support because trust me you’ll need them when you configure the system.

Read: Different types of Firewalls: Their advantages and disadvantages

Software Firewall

Now that we know how Hardware Firewalls work, I’ll talk a bit about Software Firewalls.  To be honest, Software Firewalls do not need a whole lot of explanation because most of us are aware of it and are already using them. Like I said in the Hardware Firewall section if the user is not tech-savvy and if they choose to allow a connection that has Malware behavior, it could ruin the entire network and put the company at risk with data security. That’s where software firewall comes into the picture, as here can we block both incoming and outgoing connections and set up trusted rules so these accidents can be avoided.  Firewall vendors constantly research in this matter and see out updates as and when required, so the chances of your computer getting compromised are slim.

It’s a confusing job to pick a complete Internet Security solution that is just right for you. When you search in forums, you can see a flaming debate, where each member is defending their favorite ones. You’ll be lost in these debates ending up more confused than when you started. The rule is to set your priorities straight. Create a list of things you want. For example, do you want a free Firewall solution or paid one? What features you need in your Firewall, What additional features are required, like say Antispam, Web Protection, Malware scanner, Antivirus, etc. Do you want to go in for an Internet Security Suite? Once you decide, then compare the features. I for one use Windows Firewall. The only drawback I find it has is that, by default, it allows all the outgoing connections. So I used an additional application called Windows Firewall Control – which we can set up to block all the outgoing connections and also the setup rules for the ones we want, with a simple click. They have both a free version and a professional paid version, but the free version is more than enough. Windows Firewall Control and Windows Firewall Notifier are the other two freeware you could check out.

Like Marcus J. Ranum said, “Computer security is nothing but attention to detail and good design”. Hope this will help you decide which one you want.

Sophos XG Firewall Home Edition is a hardware-type firewall software you might want to take a look at.

Tomorrow we will list some good freeware third-party firewall software for Windows, so stay tuned! But while on this topic, we’d love to hear of any hardware firewalls you’d like to recommend.

Related posts

• Kako konfigurirati i postaviti postavke vatrozida rutera

• Najbolji softverski i hardverski Bitcoin novčanici za Windows, iOS, Android

• Softverski RAID vs Hardverski RAID - Objašnjene razlike

• Kako onemogućiti Radeon Software overlay (ALT+R) -

• TinyWall vam omogućuje da ojačate i kontrolirate vatrozid Windows 10

• Kako blokirati ili deblokirati programe u vatrozidu Windows Defender

• Trebate li vatrozid za Android uređaj?

• ZoneAlarm besplatni vatrozid za Windows PC

• 5 razloga zašto je Windows vatrozid jedan od najboljih vatrozida

• Uključite ili isključite obavijesti vatrozida za Windows u sustavu Windows 11/10

• Kako konfigurirati Windows vatrozid u sustavu Windows 11/10

• Prilagodite pravila i postavke vatrozida za Windows 10

• Sigurnost za svakoga - Pregledajte ZoneAlarm Free Antivirus + Firewall

• Popravak Windows vatrozida ne može promijeniti neke od vaših postavki Pogreška 0x80070424

• 5 načina za otvaranje vatrozida Windows Defendera -

• Trebate li vatrozid treće strane za Mac i Windows?

• Pregled Glasswire vatrozida i alata za nadzor mreže

• Zatvorena luka vs Stealth Port - raspravlja se o razlici

• Jednostavna pitanja: Što je Windows vatrozid i kako ga uključiti ili isključiti?

• Kako dopustiti ili blokirati program u vatrozidu sustava Windows 11/10