XP ICS + zonealarm suite combo VS router and switch with client pcs
Hi, I've been thinking about this however i'm still confused, basically my old setup was like this:
1 PC with 2 nics, one connected to broadband (cable modem) and the other connected it to a switch, I then used winXP ICS to share my net access and I had configured zonealarm so that the internet was in the internet zone and the other nic was in the trusted zone, used this setup for about 2 years and was happy with it, however a friend of mine decided he wanted to upgrade to wireless and hence gave me his old wired router for free, its a linksys BEFSR41 if that helps.
Well now my current setup is:
Linksys router with uplink port connected to a switch, basically broadband connects into teh router and router connects to switch, and ofcourse switch has all (3 clients) client pcs.
Well the problem is that before I felt pretty secure as I knew zonealarm was protecting me from the internet, well now all my PCS have an address of 192.168.1.X and are added to the trusted zone, well I feel as if zonealarm is not protecting me from the net and only the router is doing that (and i'm worried about how effective the router is).
I mean with zonealarm I Can keep it updated, with the router updates are rare, I did go to shields up and all ports were stealthed so no issues there.
Sorry for the long post but basically what I'm trying to say is should I go back to my old setup, and which setup is more secure?, I dont mind having one pc on 24/7 as its a TV and file server too so most of the time it is on 24/7.
Any suggestions much appreciated!
Operating System:Windows XP Pro
Product Name:ZoneAlarm Internet Security Suite
Re: XP ICS + zonealarm suite combo VS router and switch with client pcs
If I understand you well basically you have three computers wired to the BEFSR41 router that is acting as DHCP to your net work.The router acts as hardware firewall with NAT and gives you inbound protection,and must have SPI firewall or at least a setting for not answer to unsolicitaded requests as you say that running shields up gives ports stealthed. So what you need is to add good outbond protection to your computers and also inbound in the unlikely eventuality the router leaks.
For that install ZA free in each one of your LAN computers and you have the job done. All you have to do after is set up ZA for the network work properly and without connectivity problems. Your actual configuration with ZA would be quite secure as is wired.