Difference between Hardware firewall and software firewall
Which firewall is best?
Well, this question in turn raises a counter-question:
What are your requirements?
If you need to protect your network based on IP addresses, regardless of which application is using a port, a hardware firewall provides strong and fast protection against most forms of attack coming from the outside world. Hardware firewalls use a technique called packet filtering, which examines the header of a packet to determine its source and destination IP addresses. This information is compared against a set of rules that determine whether the packet is forwarded or blocked.
Nowadays firewalls also use a technique called Stateful Packet Inspection (SPI).
It checks the origin of packets: when a packet arrives from the internet, the firewall checks whether it is the response to a request made by a machine on the local network.
If it is, the traffic is allowed.
The downside: say you receive an email containing a Word document with spyware or a macro hidden in it, which communicates with the outside world when the Word file is opened or executed.
Your hardware firewall will allow that outgoing communication, and the requested incoming packets too, because the connection originated from the local network.
The result is an infected machine.
Moreover, blocking too many ports would almost certainly adversely affect your ability to use some programs (many games, for instance). Also, some broadband router firewalls don’t even provide the ability to restrict outgoing traffic, only incoming traffic.
Now let's discuss software firewalls.
A software firewall has all the functions that a hardware firewall has, but it has these downsides:
It is slow compared to a hardware firewall.
You need to know how ports and protocols work.
Configuring a software firewall needs expertise,
because the configuration has to be done from scratch: no predefined rules are set, except one hard rule, block all incoming and outgoing traffic.
Upsides
You can configure rules per group, individual user, subnet, or application.
Take the same example mentioned above (the email with spyware).
A software firewall has an additional function: you can specify that a given application may communicate with the outside world from a specified IP using a specified port, and, thanks to Stateful Packet Inspection [SPI], the response from the internet will reach only that specified IP. If this rule is set, the spyware in our example is blocked at the outgoing rule itself by the hard rule, block everything.
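The two behaviours described above, side by side, as an added Python example that is not part of the original article: a toy perimeter firewall that does only SPI, and a toy host firewall with the default-deny rule plus one per-application outbound rule. The addresses, ports and program names are constructed for illustration.

```python
# Added illustration: toy models of the two firewalls discussed in this article.
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    outbound: bool      # True = local network -> internet
    app: str = ""       # originating program; only a host firewall can see this

class SpiFirewall:
    """Perimeter box: allows all outbound, inbound only as a reply to a tracked flow."""
    def __init__(self):
        self.state = set()

    def allow(self, p):
        if p.outbound:
            self.state.add((p.src, p.sport, p.dst, p.dport))
            return True
        # An inbound packet must mirror a recorded outbound flow.
        return (p.dst, p.dport, p.src, p.sport) in self.state

class AppFirewall(SpiFirewall):
    """Host firewall: default deny, outbound only for (app, source IP, port) rules."""
    def __init__(self, rules):
        super().__init__()
        self.rules = set(rules)

    def allow(self, p):
        if p.outbound and (p.app, p.src, p.dport) not in self.rules:
            return False    # hard rule: block everything that is not listed
        return super().allow(p)

def scenario(fw):
    """Constructed traffic: a browser request, a macro's connection from Word, replies."""
    pc, web, remote = "192.168.1.10", "203.0.113.5", "198.51.100.7"
    pkts = {
        "browser_out": Packet(pc, 50000, web, 443, True, "browser.exe"),
        "browser_reply": Packet(web, 443, pc, 50000, False),
        "macro_out": Packet(pc, 50001, remote, 443, True, "winword.exe"),
        "macro_reply": Packet(remote, 443, pc, 50001, False),
        "unsolicited_in": Packet(remote, 443, pc, 3389, False),
    }
    return {name: fw.allow(p) for name, p in pkts.items()}

spi_result = scenario(SpiFirewall())
app_result = scenario(AppFirewall({("browser.exe", "192.168.1.10", 443)}))
```

With SPI alone, the macro's outgoing connection and its reply both pass because the flow started inside the network; with the per-application rule, the same connection is dropped at the outgoing rule and its reply finds no matching state.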
Good to know:
The most well-known firewall, one we have all heard of, is NOKIA Checkpoint, and did you know it is a software firewall?
Another is Microsoft Internet Security and Acceleration Server [ISA].
Sonic firewall is another, and there are many more on the list.
















