ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Routers Vs. Firewall

    Scheduled Pinned Locked Moved IT Discussion
    routersfirewalls
    66 Posts 10 Posters 7.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JaredBuschJ
      JaredBusch @black3dynamite
      last edited by

      @black3dynamite said in Routers Vs. Firewall:

      What do systems like VyOS and pfSense/OPNsense be considered as? VyOS makes sense to be called a router.
      But what about pfSense/OPNsense?

      VyOS is a router/firewall. Period.

      pfSense is a router/firewall that lets you easily add on UTM functions. Once you do that, it is a UTM.

      I have never used OPNsense.

      1 Reply Last reply Reply Quote 0
      • JaredBuschJ
        JaredBusch
        last edited by

        VyOS runs on Debian, so you can obviously turn it into a pseudo UTM, but it is not all in a single GUI like pfSense.

        1 Reply Last reply Reply Quote 0
        • WrCombsW
          WrCombs @JaredBusch
          last edited by

          @jaredbusch said in Routers Vs. Firewall:

          @wrcombs said in Routers Vs. Firewall:

          @jaredbusch said in Routers Vs. Firewall:

          Yeah, a SonicWall is not a router or a firewall. It is a UTM. A shitty one btw. This is a totally different concept than a router or a firewall.

          A UTM contains a firewall, router, IPS, IDS, endpoint antivirus, etc.

          So we were both wrong? LOL

          More or less. But in your defense, the terms router and firewall are perfectly interchangeable.

          The subsequent argument is fucking stupid, and from how it was presented here, reinforces how sorry I feel for you.

          The argument started because I made a statement, and It wasn't just my direct boss. The service manager also jumped in and was telling me i was wrong (basically)

          1 Reply Last reply Reply Quote 0
          • KellyK
            Kelly
            last edited by

            On a technical level they're not wrong. A router only routes packets. A firewall restricts packets. On a practical level you cannot buy a pure router, and a pure firewall blackbox is so rare as to be nonexistent. In your specific instance, calling a Sonicwall a router is like calling a computer a hard drive. You're correctly identifying one element of its purpose, but it is too narrow an identification to be accurate.

            scottalanmillerS 1 3 Replies Last reply Reply Quote 1
            • scottalanmillerS
              scottalanmiller @Kelly
              last edited by

              @kelly said in Routers Vs. Firewall:

              On a technical level they're not wrong. A router only routes packets. A firewall restricts packets.

              The routing function only routes the packets. But the router doesn't "only" route packets. Like how the "car function" of a car is only to drive. But all cars have stereos. They aren't any less cars because they have additional features.

              So on a technical level, they are wrong because they claimed that it was not a router. It most certainly is a router. It's more than just a router, but that doesn't make it less of a router.

              KellyK 1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller @Kelly
                last edited by

                @kelly said in Routers Vs. Firewall:

                In your specific instance, calling a Sonicwall a router is like calling a computer a hard drive.

                It's a bit different. A hard drive is a necessary component to make up a computer. You can buy a hard drive that isn't a computer. A computer can have many hard drives. It seems similar, but it's actually quite different as an analogy goes. A hard drive is part of what makes something a computer rather than a function that a computer performs.

                It's more like calling a computer a data storage device, because it contains a hard drive. A computer is definitely a data storage device. It is also a data manipulation device. And a communications device. These are aspects of the computer, not parts of it.

                Routing isn't a part of the firewall or UTM. The three are distinct aspects of the whole. Just like I'm male, American, and 42. I'm all three things. You can't correct someone calling me 42 as being incorrect because I'm ALSO mail and he didn't mention it. That I'm other things doesn't make me not 42.

                Is the SonicWall blue? Yes
                Is the SonicWall networking hardware? Yes.
                Is the SonicWall a router? Yes.
                Is the SonicWall a firewall? Yes.
                Is the SonicWall a UTM? Yes.

                Those things all remain true regardless of additional functionality or aspects being added.

                KellyK 1 Reply Last reply Reply Quote 0
                • KellyK
                  Kelly @scottalanmiller
                  last edited by

                  @scottalanmiller said in Routers Vs. Firewall:

                  @kelly said in Routers Vs. Firewall:

                  In your specific instance, calling a Sonicwall a router is like calling a computer a hard drive.

                  It's a bit different. A hard drive is a necessary component to make up a computer. You can buy a hard drive that isn't a computer. A computer can have many hard drives. It seems similar, but it's actually quite different as an analogy goes. A hard drive is part of what makes something a computer rather than a function that a computer performs.

                  It's more like calling a computer a data storage device, because it contains a hard drive. A computer is definitely a data storage device. It is also a data manipulation device. And a communications device. These are aspects of the computer, not parts of it.

                  Routing isn't a part of the firewall or UTM. The three are distinct aspects of the whole. Just like I'm male, American, and 42. I'm all three things. You can't correct someone calling me 42 as being incorrect because I'm ALSO mail and he didn't mention it. That I'm other things doesn't make me not 42.

                  Is the SonicWall blue? Yes
                  Is the SonicWall networking hardware? Yes.
                  Is the SonicWall a router? Yes.
                  Is the SonicWall a firewall? Yes.
                  Is the SonicWall a UTM? Yes.

                  Those things all remain true regardless of additional functionality or aspects being added.

                  Nothing ruins a good simile like over analyzing it.

                  1 Reply Last reply Reply Quote 0
                  • KellyK
                    Kelly @scottalanmiller
                    last edited by

                    @scottalanmiller said in Routers Vs. Firewall:

                    @kelly said in Routers Vs. Firewall:

                    On a technical level they're not wrong. A router only routes packets. A firewall restricts packets.

                    The routing function only routes the packets. But the router doesn't "only" route packets. Like how the "car function" of a car is only to drive. But all cars have stereos. They aren't any less cars because they have additional features.

                    So on a technical level, they are wrong because they claimed that it was not a router. It most certainly is a router. It's more than just a router, but that doesn't make it less of a router.

                    I was referring to the distinction they were drawing between a router and a firewall, not the accuracy of their statement with regards to the Sonicwall.

                    scottalanmillerS 1 Reply Last reply Reply Quote 0
                    • scottalanmillerS
                      scottalanmiller @Kelly
                      last edited by

                      @kelly said in Routers Vs. Firewall:

                      @scottalanmiller said in Routers Vs. Firewall:

                      @kelly said in Routers Vs. Firewall:

                      On a technical level they're not wrong. A router only routes packets. A firewall restricts packets.

                      The routing function only routes the packets. But the router doesn't "only" route packets. Like how the "car function" of a car is only to drive. But all cars have stereos. They aren't any less cars because they have additional features.

                      So on a technical level, they are wrong because they claimed that it was not a router. It most certainly is a router. It's more than just a router, but that doesn't make it less of a router.

                      I was referring to the distinction they were drawing between a router and a firewall, not the accuracy of their statement with regards to the Sonicwall.

                      Right, but calling it a router is just fine, unlike calling a computer a hard drive, which is not correct. That was my point. @WrCombs wasn't wrong, it's a router just as much as it is a firewall, just as much as it is a UTM. Calling it any of them is fine because there is no term for all three merged together. In theory, each one can be a separate device or VM, just silly and no one sells that.

                      JaredBuschJ 1 Reply Last reply Reply Quote 0
                      • JaredBuschJ
                        JaredBusch @scottalanmiller
                        last edited by JaredBusch

                        @scottalanmiller said in Routers Vs. Firewall:

                        @kelly said in Routers Vs. Firewall:

                        @scottalanmiller said in Routers Vs. Firewall:

                        @kelly said in Routers Vs. Firewall:

                        On a technical level they're not wrong. A router only routes packets. A firewall restricts packets.

                        The routing function only routes the packets. But the router doesn't "only" route packets. Like how the "car function" of a car is only to drive. But all cars have stereos. They aren't any less cars because they have additional features.

                        So on a technical level, they are wrong because they claimed that it was not a router. It most certainly is a router. It's more than just a router, but that doesn't make it less of a router.

                        I was referring to the distinction they were drawing between a router and a firewall, not the accuracy of their statement with regards to the Sonicwall.

                        Right, but calling it a router is just fine, unlike calling a computer a hard drive, which is not correct. That was my point. @WrCombs wasn't wrong, it's a router just as much as it is a firewall, just as much as it is a UTM. Calling it any of them is fine because there is no term for all three merged together. In theory, each one can be a separate device or VM, just silly and no one sells that.

                        Except users call computers a hard drive all the time. It is totally common.

                        scottalanmillerS 1 Reply Last reply Reply Quote 1
                        • scottalanmillerS
                          scottalanmiller @JaredBusch
                          last edited by

                          @jaredbusch said in Routers Vs. Firewall:

                          @scottalanmiller said in Routers Vs. Firewall:

                          @kelly said in Routers Vs. Firewall:

                          @scottalanmiller said in Routers Vs. Firewall:

                          @kelly said in Routers Vs. Firewall:

                          On a technical level they're not wrong. A router only routes packets. A firewall restricts packets.

                          The routing function only routes the packets. But the router doesn't "only" route packets. Like how the "car function" of a car is only to drive. But all cars have stereos. They aren't any less cars because they have additional features.

                          So on a technical level, they are wrong because they claimed that it was not a router. It most certainly is a router. It's more than just a router, but that doesn't make it less of a router.

                          I was referring to the distinction they were drawing between a router and a firewall, not the accuracy of their statement with regards to the Sonicwall.

                          Right, but calling it a router is just fine, unlike calling a computer a hard drive, which is not correct. That was my point. @WrCombs wasn't wrong, it's a router just as much as it is a firewall, just as much as it is a UTM. Calling it any of them is fine because there is no term for all three merged together. In theory, each one can be a separate device or VM, just silly and no one sells that.

                          Except users call computers a hard drive all the time. It is totally common.

                          Yes, but THAT is wrong. 🙂

                          1 Reply Last reply Reply Quote 0
                          • C
                            Carnival Boy @JaredBusch
                            last edited by Carnival Boy

                            @jaredbusch said in Routers Vs. Firewall:

                            But a router is never only a router in today's world. Every single router is a router and a firewall.

                            Yes, but a device that is both a router and a firewall does not mean that a router is a firewall (and vice versa), it just means that the two products are generally interchangeable and indistinguishable in the real world.

                            Saying "Every single router is a router and a firewall." is different from saying "Every single router is a firewall"

                            So I'm kind of with the boss, on a purely abstract, pedantic level. I guess that makes me "sub-intern" :grinning_face_with_smiling_eyes: Oh well, I've been called worse on here.

                            scottalanmillerS 2 Replies Last reply Reply Quote 0
                            • scottalanmillerS
                              scottalanmiller @Carnival Boy
                              last edited by scottalanmiller

                              @carnival-boy said in Routers Vs. Firewall:

                              So I'm kind of with the boss, on a purely abstract, pedantic level.

                              No, if you are pedantic, the boss is wrong. The more pedantic, the more wrong. A router is a router, no matter what else is added to it, it doesn't stop being a router. The boss isn't "kind of wrong", he's not wrong only technically, he's wrong in every sense. The more semantics, the more pedantic, the more accurate... the more wrong.

                              Like the male and 42. Calling me male isn't wrong just because you didn't mention that I'm 42.

                              1 Reply Last reply Reply Quote 0
                              • scottalanmillerS
                                scottalanmiller @Carnival Boy
                                last edited by

                                @carnival-boy said in Routers Vs. Firewall:

                                Yes, but a device that is both a router and a firewall does not mean that a router is a firewall (and vice versa)....

                                In the real world, every router is a firewall and every firewall is a router. You can't find one that isn't the other. We understand that theoretically you can build something that is one and not the other, but they don't really exist.

                                KellyK 1 Reply Last reply Reply Quote 0
                                • jmooreJ
                                  jmoore
                                  last edited by

                                  Before I read everything I will include my 2 cents.
                                  Technically your definitions look correct.
                                  Routing and firewalls are different functions.
                                  They can each accomplish the same thing.
                                  They will use different methods to do this.
                                  Routers almost always have firewalls built in.

                                  So any particular device can be either a firewall or router because both functionalities are always in the same box.

                                  1 Reply Last reply Reply Quote 0
                                  • KellyK
                                    Kelly @scottalanmiller
                                    last edited by

                                    @scottalanmiller said in Routers Vs. Firewall:

                                    @carnival-boy said in Routers Vs. Firewall:

                                    Yes, but a device that is both a router and a firewall does not mean that a router is a firewall (and vice versa)....

                                    In the real world, every router is a firewall and every firewall is a router. You can't find one that isn't the other. We understand that theoretically you can build something that is one and not the other, but they don't really exist.

                                    But not every router implementation utilizes the functionality of the firewall. In that case it would be inaccurate to call the device a firewall because that isn't what it is doing.

                                    scottalanmillerS 1 Reply Last reply Reply Quote 0
                                    • scottalanmillerS
                                      scottalanmiller @Kelly
                                      last edited by

                                      @kelly said in Routers Vs. Firewall:

                                      But not every router implementation utilizes the functionality of the firewall. In that case it would be inaccurate to call the device a firewall because that isn't what it is doing.

                                      Is that true? That gets a bit more murky. If the firewall is there and just wide open, is it not still there? Does a router stop being a router when it loses power? In a sense, yes. But it's not the generally accepted use of the terminology. Something is a router or a firewall because of what it can do, not because of what it is doing at the moment.

                                      E.g. I can still call the spare SonicWall on the shelf a router, even when not plugged in and actively routing.

                                      1 Reply Last reply Reply Quote 0
                                      • 1
                                        1337 @Kelly
                                        last edited by

                                        @kelly
                                        Wouldn't a layer 3 switch be considered a pure router (and switch) but not a firewall?

                                        KellyK scottalanmillerS 2 Replies Last reply Reply Quote 0
                                        • KellyK
                                          Kelly @1337
                                          last edited by

                                          @pete-s said in Routers Vs. Firewall:

                                          @kelly
                                          Wouldn't a layer 3 switch be considered a pure router (and switch) but not a firewall?

                                          It really depends on the breadth of the definition. @scottalanmiller appears to be arguing that if a device has any type of firewall functionality it should be classified as a firewall. I would personally prefer to classify a device by what it does as a primary role in the organization. If the device handles primarily routing then it is a router. If it handles switching primarily it is a switch. If it handles edge protection then it is a firewall.

                                          scottalanmillerS 1 Reply Last reply Reply Quote 0
                                          • scottalanmillerS
                                            scottalanmiller @1337
                                            last edited by

                                            @pete-s said in Routers Vs. Firewall:

                                            @kelly
                                            Wouldn't a layer 3 switch be considered a pure router (and switch) but not a firewall?

                                            An L3 is a "multi-port" router, that's correct. And it is a switch (presumably.) But I've never heard of an L3 switch / multi-port router that had zero firewall functionality. Again, it can exist. But to the best of my knowledge, none does. It's purely a theoretical case to have an L3 switch without any security mechanisms.

                                            1 Reply Last reply Reply Quote 1
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 1 / 4
                                            • First post
                                              Last post