Datasheets

Secure Your Mission Critical Workloads with a Managed Firewall

Issue link: https://hub.liquidweb.com/i/1018550

Contents of this Issue

Navigation

Page 1 of 1

Hardware Firewall vs. Software Firewall Comparison Managed Firewall www.LiquidWeb.com 800.580.4985 PROS: Hardware Firewall Software Firewall Allows for VPN connectivity to your Liquid Web servers Fine-grained / granular control for a single server Fully managed by Liquid Web's networking team Jointly managed by you and Liquid Web support team Runs / operates on ALL Liquid Web servers Allows for more easily applying rule-sets to multiple machines at once (single point of truth) Handles large datasets (country-level blocks) efficiently Can easily be run in a redundant / highly available pair for increased security and uptime Can dynamically block IP addresses based on malicious activity Completely prevents unwanted / potentially malicious traffic from reaching servers Included for free with each Liquid Web server Backup and configuration completely handled by Liquid Web networking team CONS: Hardware Firewall Software Firewall Only protects the individual machine it's running on Potential for having blanket rules / statements affect multiple machines [1] Does not sync configuration changes across multiple machines All hardware behind firewall susceptible to service interruption if firewall device dies / reboots May dynamically block an IP for perceived malicious activity that's not (false-positive) Limited port connectivity requires an additional switch for host connections (additional point of failure) Cannot be used with Liquid Web Storm products Does not provide VPN connectivity Lacks full configuration options via user-accessible GUI [2] Only supports 1 Gbps throughput connectivity Has the potential to limit number of concurrent connections a host can receive [3] [1] - Applies in certain circumstances where a rule was made that specifically affected multiple machines. Rules can easily be created that are specific / narrow in scope. [2] - All options can be accessed / configured from the command-line interface; however this is not as straightforward or user friendly. [3] - This is dependent upon model. Higher end models support more concurrent connections.

Articles in this issue

Links on this page

view archives of Datasheets - Secure Your Mission Critical Workloads with a Managed Firewall