I purchased and installed a broadband router. Specifically, a wireless
Linksys WRT54G. I thought this provided a firewall and I had planned to
uninstall Norton Systemworks which is giving me problems. However, the router
does not appear to include a firewall. It does not need any sort of
configuration like Norton, such as sites to let through or to block. I have
looked all through the documentation and no mention of a firewall.
Did I buy a model without a firewall or was I mistaken about a router
including a firewall?
Your router does, and does not, have a firewall.
And I totally understand that this is confusing.
I’ll try to clear it up…
One of the things that your router does is allow you to share your internet
connection. By that I mean you can take a single internet connection that’s
designed to connect to only one computer, add a router, and then through the
router connect several computers that can then use that single internet
The way this happens is that your internet IP address, which is used to
route data to you when you surf the internet, is assigned to the router instead
of a computer. The router then assigns local IP addresses to each of
the computers you have connected to it. The router then also takes care of
making sure that the data sent to and from the internet is routed to and from
the correct computer on the local network.
One side effect of this approach, called Network Address Translation, or NAT
for short, is simply this: no computer from outside your local network can
initiate a connection to a computer on the inside of your local network.
Put another way: computers on the internet are completely blocked from
connecting to computers behind a router. (You can create exceptions, of course,
using something called “port forwarding” and/or “DMZ” settings in the router
In this regard, the router is acting like an inbound firewall. In fact, it’s
acting so much like one that we simply refer to it as being a firewall.
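The NAT behaviour described above, modelled as a small translation table. This is an added illustration, not code from the original article or from any router's firmware. The class and method names, addresses and ports are constructed for the example, and the model assumes the strictest matching: a reply is accepted only from the exact remote address and port that a local computer contacted.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class NatRouter:
    """Toy NAT router: one public IP shared by several LAN computers (hypothetical model)."""
    public_ip: str
    next_port: int = 40000                        # constructed starting public port
    table: dict = field(default_factory=dict)     # (public_port, remote_ip, remote_port) -> (lan_ip, lan_port)
    forwards: dict = field(default_factory=dict)  # "port forwarding": public_port -> (lan_ip, lan_port)
    dmz_host: Optional[str] = None                # "DMZ": LAN host that receives all unmatched traffic

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN computer opens a connection. Nothing is blocked or inspected;
        the router only records a mapping and rewrites the source address."""
        public_port = self.next_port
        self.next_port += 1
        self.table[(public_port, remote_ip, remote_port)] = (lan_ip, lan_port)
        return (self.public_ip, public_port)

    def inbound(self, remote_ip, remote_port, public_port):
        """A packet arrives from the internet. Return the LAN destination, or None if dropped."""
        key = (public_port, remote_ip, remote_port)
        if key in self.table:             # reply to a connection started from inside
            return self.table[key]
        if public_port in self.forwards:  # explicit exception configured by the owner
            return self.forwards[public_port]
        if self.dmz_host:                 # DMZ host is exposed to everything unmatched
            return (self.dmz_host, public_port)
        return None                       # unsolicited: no mapping, so nowhere to send it

def demo():
    """Run constructed traffic through the router and collect where each packet ends up."""
    r = NatRouter(public_ip="203.0.113.7")
    _, port = r.outbound("192.168.1.100", 51000, "198.51.100.20", 443)
    results = {
        "reply": r.inbound("198.51.100.20", 443, port),          # expected back: delivered
        "other_host_same_port": r.inbound("192.0.2.99", 443, port),
        "unsolicited": r.inbound("192.0.2.99", 5555, 3389),
    }
    r.forwards[8080] = ("192.168.1.101", 80)                      # owner adds a port forward
    results["forwarded"] = r.inbound("192.0.2.99", 5555, 8080)
    r.dmz_host = "192.168.1.102"                                  # owner enables DMZ
    results["dmz"] = r.inbound("192.0.2.99", 5555, 3389)
    return results

if __name__ == "__main__":
    for name, dest in demo().items():
        print(f"{name:22} -> {dest}")
```

The last two results show why port forwarding and DMZ settings deserve care: each one reopens a path from the internet that NAT alone would have dropped.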
Now, in the strictest sense, your router is not truly a firewall. Two key
components are missing:
Your router does not attempt to block any outgoing connections or
data. A true firewall will typically examine outbound connections as well as
incoming. In fact, a great deal of the configuration you referred to in your
question is typically defining to a firewall exactly who on your computer is
allowed to make an outbound connection.
Your router does not inspect the data that it’s routing, other than to make
sure it’s headed to the correct computer. Firewalls are often configurable to
the extent that you can allow not just certain types of connections, but also
allow, or block, certain types of data over those connections. In the extreme a
firewall could actually incorporate anti-virus checking and block anything that
was found to be carrying a virus.
So in that regard your router is not a true firewall.
So what do you need?
In my opinion: if you can trust all the computers on your local
network, a NAT router provides 99.9999% of what you actually need in a
firewall. Blocking external threats is by far the single most important role of
a firewall these days; so much so that everyone should have some kind of
firewall, no matter what.
In my opinion a software firewall is simply not needed in this case.
Blocking outgoing traffic sounds important, but in reality, if you have
outgoing traffic that needs to be blocked, then either you need to change your
system’s configuration not to try to do whatever it’s doing, or you
are already infected with malware. In the latter case, it’s too late.
The firewall did not prevent you from getting infected. At best it
might have prevented you from infecting someone else, but even that is
Now, you’ll notice I emphasized the phrase if you can trust all the
computers on your local network. That’s the one exception to the “software
firewalls not needed” guideline. For example, let’s say you share your computer
connection with your children who don’t understand internet safety and are
constantly getting their computer infected. In a case such as this, where you
cannot trust some other machine that shares your local network with you, then
you probably do need a firewall to protect you. And let’s be clear; that
firewall is not to protect you from the internet — your router does that — but
from that other machine. And once again, what really matters here is blocking
unwarranted incoming connections. As far as I’m concerned, if the
firewall lets you disable monitoring of outgoing connections, you can.
So if you’re in that “safe” situation, then yes, in your shoes I would
uninstall that software firewall and rely on the protection of my NAT
In fact, that’s exactly what I do here at home.