Windows Networking/firewalls and security


QUESTION: hi how r u?Ive been reading and studying some books on firewalls and internet security.Its put  some questions in mind.I know you have hardware firewalls and software firewalls.A lot of times your router has a firewal,windows has it's own firewall and you can also download or buy software firewall also.What im curious about is this.Is it best to just use one.Or should i have both in play for multi layer security.Im wondering if i try to use the firewall in  the router and the software from a additional firewall if they will work together, strengthen the security,or if they will conflict with another.I also read when it comes to routers you might want to turn off the ssid  broadcast.I guess that means that when you bring a new computer to the location since it wont be broadcasting then u would have to know what the name is and put it in manuallyalong with the password.Im guessing once you do that then the computer will automatically sync to the connection when you bring it back to the location.

ANSWER: Hello,

Multiple firewalls typically just cause confusion.  For example, if you have both Windows firewall and a third party firewall running on your computer, every time you make a change, you would have to make it in both systems.  They are more or less redundant.  There are often some good reasons to use a third party firewall. For example, Windows firewall only blocks incoming packets, not outgoing.  So if you have malware that is reaching out from your computer to the Internet, Windows will not stop it.  Other firewalls might.  But if you install a second firewall, I'd recommend disabling the Windows firewall.

Having a network based hardware firewall is not a bad idea for the security minded.  A network firewall can protect all devices on your network, rather than just your main PC.  But again, if you have a firewall in your PC and your router, you would need to edit both every time you create a firewall exception.  

Turning off the SSID is a good idea if you have people regularly trying to connect to your Wifi network and are afraid they can break your Wifi password.  Without the SSID broadcast, they will never know your Wifi network is there.  That said, I'm perfectly happy to have a password protected SSID broadcast in my home and office.  I use a sufficiently complex password to keep unauthorized people off my network.  Not having an SSID broadcast would just make it that much more difficult to connect new devices.  But for the more security minded, turning off the broadcast is an option.

I hope this helps!
- Mike

---------- FOLLOW-UP ----------

QUESTION: hi thanks for answering my question.If you dont mind i have another one that ive been curious about.Its about the routers.Ive often heard of the  term backwards compatible. In order for something to be backwards compatible does it say that's it backwards compatible.Will the equipment say it on the box or in the documenation.Or are all routers and adapters backwards compatible because its an industry standard.If you have a b or g adapter im guessing it will connect to a n router.And if you have a n adapter im guessing it will connect to a b or g router.Am I correct on what im thinking.

Virtually all wifi devices are backward compatible.  But I would always double check the specs on a device to be sure.  With many such devices, if one device operates at the older slower speed, it often slows down all the devices.  Therefore, some routers may be programed not to allow older devices to connect in order to avoid slowing the whole network.

- Mike  

Windows Networking

All Answers

Answers by Expert:

Ask Experts


Michael Troy


I have a fair amount of experience in peer-to-peer networking. I can answer questions about hardware, networking software, protocol settings, etc. I have some client-server experience, but not a lot with Windows-based servers. I can also give some advice on home network security: VPN, firewalls, anti-virus, etc.


I am the Director of Information Systems for a large law firm which connects about 300 users over five offices via a wide area network. We use client-server, peer-to-peer, remote access, VPN, Internet, and proxy servers.

I also have a peer-to-peer network of computers at home, with file and print sharing, remote access, shared network storage, and shared Internet access with a firewall.

BA George Washington University JD University of Michigan

©2017 All rights reserved.