Can someone tell me, when comparing a hardware firewall and software firewall,
assuming you can have all the latest technology of each, which offers more security?
Another way to put it: if one must have only one type of firewall, what will it be, hardware like a router or a software firewall?
I also like the idea of using Virtual Private Networks (VPN) tunnels for data encryption.
I hope Comodo would consider making a free VPN secure product, one with the best encryption like AES, a gov’t standard.
IMO, if you want the best security, then get two Cisco routers, configure them both back-to-back, and give them both NAT. Looks like this:
Internal Network – Router #1 – “DMZ Network” – Router #2 – Internet
Internal Network should use 172.16.0.0/12, and the “DMZ Network” use 192.168.0.0/16. So, you have to configure Router #1 to perform NAT from 172.16.0.0/12 to 192.168.0.0/16 and Router #2 to perform NAT from 192.168.0.0/16 to (whatever IP address/network your ISP gives you).
If you need a publicly available server, put it in the “DMZ Network” and manually configure Router #2 to forward the server’s port to the outside world.
For further safety, put a proxy server in the Internal Network, and force your users to access the Internet through this proxy server, i.e. put an access list on Router #1 to allow only the proxy server access into the DMZ Network. Put in several proxy servers for load balancing.
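
The back-to-back layout described in the reply above, sketched as Cisco IOS configuration. This is an added example, not part of the original post. The interface names, the router addresses, the proxy at 172.16.0.10, and the DMZ server at 192.168.0.80 publishing TCP 443 are all assumptions chosen for illustration.

```cisco
! ===== Router #1: Internal Network <-> DMZ Network =====
interface GigabitEthernet0/0
 description Internal Network (172.16.0.0/12)
 ip address 172.16.0.1 255.240.0.0
 ip nat inside
 ip access-group PROXY-ONLY in
!
interface GigabitEthernet0/1
 description DMZ Network (192.168.0.0/16)
 ip address 192.168.0.2 255.255.0.0
 ip nat outside
!
! Only the proxy server (assumed 172.16.0.10) may leave the Internal Network;
! everything else is dropped and logged.
ip access-list extended PROXY-ONLY
 permit ip host 172.16.0.10 any
 deny ip any any log
!
! NAT 172.16.0.0/12 onto Router #1's DMZ-side address.
ip access-list standard NAT-INTERNAL
 permit 172.16.0.0 0.15.255.255
!
ip nat inside source list NAT-INTERNAL interface GigabitEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 192.168.0.1
!
! ===== Router #2: DMZ Network <-> Internet =====
interface GigabitEthernet0/0
 description DMZ Network (192.168.0.0/16)
 ip address 192.168.0.1 255.255.0.0
 ip nat inside
!
interface GigabitEthernet0/1
 description Internet (address assigned by the ISP)
 ip address dhcp
 ip nat outside
!
! NAT 192.168.0.0/16 onto whatever address the ISP hands out.
ip access-list standard NAT-DMZ
 permit 192.168.0.0 0.0.255.255
!
ip nat inside source list NAT-DMZ interface GigabitEthernet0/1 overload
!
! Publish only the DMZ server's port (assumed 192.168.0.80, TCP 443).
ip nat inside source static tcp 192.168.0.80 443 interface GigabitEthernet0/1 443
```

On each router, `show ip nat translations` lists the active mappings, and `show access-lists PROXY-ONLY` on Router #1 shows hit counts for the permit and deny entries.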