Difference between a Cisco firewall and my default firewall

fallenapples

I am currently studying for my MTA 98-366. What is the difference between the standard firewall that comes with your wireless router your ISP provides compared to a Cisco firewall? It's still a router with a switch, correct? Why is it advertised as just a firewall? Do all wireless routers have firewalls?
 
I am currently studying for my MTA 98-366. What is the difference between the standard firewall that comes with your wireless router your ISP provides compared to a Cisco firewall?

Intended use and everything that goes with it.

Your home router has a basic packet filter slapped on for some basic, added protection. Some of the more advanced ones will even have stateful inspection. I'm sure that NGFW features will make it to the consumer market in due time. The main takeaways are that the technology is very far behind enterprise stuff and it's really there as a marketing gimmick for clueless home users who are scared of getting hacked.

An enterprise firewall is more of a security appliance that provides a suite of security services needed for business use. These days everything can do packet filtering and even routing, but a firewall is expected to have VPN functionality, clustering/failover, and alerting/reporting, at the minimum. The new thing is NGFW which includes application level filtering, an integrated IPS and centralized management.

It also needs to be able to handle tens of thousands of concurrent connections and it will have the hardware needed to do that - your typical D-Link router is going to crap out if it tries to pass normal traffic for a thousand devices, never mind encrypted VPN traffic.

Really, I think the better question would be the difference between modern enterprise routers, switches, and firewalls. The difference between consumer grade and enterprise gear is like comparing a bicycle with a racecar.

It's still a router with a switch, correct?
Router, yes, switch - not necessarily. A lot of firewalls do have switchports, but some don't. Some will have layer 3 interfaces but allow for virtual switching through software. It's not a defining feature. Even if you do have switchports, you'll still need a switch unless you've only got a small handful of physical devices.

Why is it advertised as just a firewall?
As I mentioned before, if you're shopping for a firewall then you're looking for a particular set of features and capabilities beyond just basic packet filtering. If someone advertises a firewall then I know what the basic feature set is going to be.

Do all wireless routers have firewalls?
Pretty much all modern consumer grade home routers have some kind of firewall functionality included, these days.
 
We already have NGFW in the consumer space thanks to Ubiquiti. They don't apply everything that is inclusive to "NGFW" but most of it. The only thing I'd really complain about is the VPN is a bit lacking but it is indeed there and working. They're not done with their feature set yet though.
 
I don't know if I'd put Ubiquiti on the same tier as something like Linksys, I've always seen it as more of a "prosumer" grade product line. I'd say that anything that you can manage with a controller isn't really meant for typical home use, actually.
 
It's prosumer with enterprise functionality for a consumer price. Naturally I wouldn't put it on the same tier as consumer routers because they're all useless junk, BUT it's still pretty simple to get going. IMO somebody looking for gear like that probably has the know-how or at least technological basics to follow some simple instructions to get Unifi going. The rest will go to Best Buy and buy a Netgear or whatever that's practically plug and play. Idk, that's how I've always looked at it because setting up Ubiquiti gear is nowhere near as difficult as true enterprise stuff.

Still though, being prosumer I'd still classify Ubiquiti gear as more consumer grade equipment that doesn't suck *** and it has a lot of NGFW stuff built in with more to come. I'm waiting on that crispy WAN MAC spoofing to show up.
 