Does a home user need a router for added security? Article - Alcatraz Security
Web Resources    |    Sitemap    |    Terms of Use    |    Privacy Policy

Does a home user need a router for added security?

Date: 2024-11-20

Anthony:
 I have read all of your reviews on the virus software companies. My question is; does a home user need a router for added security? I have been told by many who use computers that it's a good idea. The only one who said that I should "take it back to the store", was a tech support worker at my ISP. Well what is your opinion?
Thank You, Mr. Ford


To Have or Not to Have... that is the question.

To answer the question, should you install a router, we need to address what functions the router adds, and which of these functions are security related. Then, look if these services and functions are being supplies elsewhere. Three main functions come to mind when I think of routers for home networks.
  1. NIC Locking
  2. Network Address Translation
  3. Firewall
Let's look at each of these functions and services starting with NIC locking. Many ISP's are distributing Internet modems to users that read the MAC address of their computer's network interface card. The MAC address is hardware level address that you cannot change. The modem then "marries" this twelve digit hexadecimal address. This prevents you from plugging in additional computers, swapping network cards, or switching the computer that uses the Internet modem. This isn't a security function, only a painful feature most routers allow you to break free from by taking the roll of "marrying" your router and allowing you to be free of commitments of what network card or computer you plug into your Internet connection.



The second function is Network Address Translation, referred to as NAT. The idea behind NAT is the router accepts an Internet IP Address, and puts your computer one additional step away from the Internet by giving it a non-routable IP Address such as 10.100.10.2. The helps prevent direct attacks from the internet unless you have port forwarding enabled on that specific port that service is running on. NAT is often misunderstood as a firewall. NAT is not a firewall. It is a service some firewalls can provide, and is an addition layer of security. I recently consulted with a small business that had one server holding all of their financial and customer information behind a modem performing NAT. They believed this was sufficient security. I do believe NAT is a great security service to take advantage of and compliment a firewall. A router or modem running NAT will take the blunt of Denial of Service attacks, worms, and port scans saving you from being exposed from an attacker potentially finding an un-patched vulnerability on your computer.



The last and most important, function a modem or router can perform is a hardware firewall. At Alcatraz Security we perform reviews on software firewalls because they are more dynamic, and highly recommended. It's like this; if you have a hardware firewall I believe you should still install a software firewall, but if you have a software firewall there isn't just cause to install a hardware firewall too. Do you see people at Starbucks with their laptops carrying a hardware firewall around with them? Software firewalls are more dynamic and able to update from their associate security manufactures, prepare for worms, refer to pattern files, and other security features. I will mention, there are people that will argue this point due to their intimate knowledge of sophisticated hardware firewalls that are mostly focuses on businesses, and expensive.



To summarize, today's affordable routers can offer a large range of features such as wireless, adding multiple computers to your network, and NIC locking. But when it comes to security, you need to make sure you have a firewall and ideally take advantage of NAT. If you modem performs NAT, and you have installed a software firewall on your computer there is no security reason to install a router. If your modem is passing your computer a real IP address, I personally would feel justified purchasing a router at today’s affordable prices due to the added security protection this feature adds.

Comments

No comments so far.

Post Comment

Web Resources   |   Sitemap   |   Terms of Use   |   Privacy Policy

© 2006 Alcatraz Security. All rights reserved.

Designed by Fast Internet Success