Running a firewall is paramount so that ‘bad people’ don’t get access to your system or network but the question is always which should you choose, hardware or a software firewall? Going from past experiences I have found hardware firewalls to be more powerful and less resource intensive than their software counterparts however not everyone has a spare system lying around to install one on. Here is an idea – why not install your hardware firewall inside a virtual machine on the system you already have?
This is the approach I have taken for my own network. I have a Ubuntu 12.04 server with Virtualbox installed. I have multiple virtual machines running at the same time and wanted a firewall to cover them all. So I run a hardware firewall (in my case Smoothwall Express 3.0 – I was originally running Untangle Gateway) inside a virtual machine which is configured to start at boot should the server have to be restarted. The are multiple reasons for doing this:
1. I don’t have a spare system lying around to use as the hardware firewall.
2. Electric bill is reduced as there is only one system running instead of two.
3. The virtual machine is protecting my entire network not just the system it is installed on.
4. Any attacker would have to compromise the hardware firewall first before moving onto the main system.
5. Disaster recovery is simpler and quicker with virtual machines than traditional systems.
6. Software firewalls consume resources (ie CPU, RAM etc) on whichever system they are installed on so system performance can be affected, whereas hardware firewalls are separate systems.
This approach would benefit any network (big and small) and is starting to be implemented in enterprise networks using virtual switches as well as the ‘traditional’ hardware firewalls. As for which one to use my favourite at the moment is Smoothwall Express 3.0 which can basically be installed on anything. It is not resource intensive and the web GUI is excellent. Until recently I used Untangle Gateway but Smoothwall is faster to boot up and Untangle requires 512 Mb of RAM. The interface is fantastic though.
Anything which makes it harder for someone to access your systems is good in my book. Do you agree?
About the Author
Hi I am Chris Wakefield the owner of ComTech IT Support. I provide Windows and Linux based IT Support, laptop repairs and computer repairs to both business and personal clients in and around Stirling.
For a list of what I can offer you why not visit my website www.comtech247.net where you will find a list of my services, testimonials, blog and much more.
Loading ...
What I meant was using a dedicated firewall distribution (like Smoothwall) and installing it inside a VM effectively turning that VM into a hardware firewall.
dont you mean SOFTWARE firewall?
not sure if i am understanding right but if you are installing the firewall that to mean would mean software. hardware firewall (like Sonicwall) will come as a hardware and not software you can install on VirtualMachine.