Router, Firewall, Network Security Appliance

Router, Firewall, Network Security Appliance - What's the Difference?

Today, virtually every internet connection has a router that does NAT (Network Address Translation). In English, that means multiple PCs sharing an internet connection, all from behind a single public IP address on the internet (i.e. your PC has an IP that starts with 192.168 or 10). This provides a basic level of protection for the PCs as it keeps out unsolicited, inbound traffic from the internet.

What makes a firewall different than a router?  Firewalls typically have a key feature that routers don't - they can limit the traffic that is permitted outbound. This allows you to deny all types of traffic and then permit only the traffic you want outbound. This can help prevent malware from connecting out to a bad guy, bypassing the protection offered by a router. This provides better control over what can be done on a protected PC.

However, virtually every firewall configuration permits web surfing as that is one of the most common internet activities. As such, malware authors have adapted their malware to use the HTTP ports associated with web surfing to allow their malware to connect back to them. So, what is a user to do?

This is where Network Security Appliances come into play. Security appliances are "firewalls on steroids". They take the functionality of firewalls and add "unified threat management", adding intelligent inspection of traffic that passes through the device. If you surf to a bad place that tries to hijack your browser, the security appliance can see the attack and stop it in its tracks. Similarly, if you try to download a virus, it can see this and block the download.

I often summarize the difference between a firewall and a network security appliance like this... a firewall is like a traffic cop directing traffic. So long as you are in the left turn lane, you will be permitted to turn left, even if you are a bad guy because the cop cannot see in your trunk to see you are carrying stolen merchandise. But a network security appliance is like replacing the cop with the National Guard, and having them stop each car and search it, blowing up any bad guys that come through.

The SonicWALL line of Network Security Appliances provides a comprehensive solution and an excellent layer for your perimeter security strategy. They also provide the best "bang for your buck" in the industry. With models suitable for the home office up to largest data centers, and a simple to configure interface, SonicWALL is easy to maintain over time. Contact us today to learn how a SonicWALL Network Security Appliance can help protect your network - 954-647-9938