Jump to content

What Exactly is the Problem with 2 Firewalls


Recommended Posts

What exactly is the problem with 2 firewalls running? Has anyone experienced any problems with 2 running? I've read theoretical blue screens and what not but never experienced it as described below:

In prior builds of Windows 7, I have installed Comodo Firewall and never realized that it didn't disable the Windows Firewall and hence both ran at the same time.

And now, in build RC, it can be installed and although it's not reported in Action Center, they both seem to run okay without any problems. Moreover, when Windows Firewall assumes there are certain safe programs, Comodo asks if you want to run it. And sometimes both give me a popup asking if it is okay to run a program but never had a big conflict between the 2.

So aside from theoretical answers, what I want to know is if anyone has had a concrete problem, i.e. an actual problem occurring.

Link to comment
Share on other sites

Never had any issues running the built in firewall in XP and the old Kerio Personal Firewall. Having said that, I don't even know why I keep the windows one running as it doesn't automatically block outbound connections.

Link to comment
Share on other sites

I dont realy see any sence in running 2 firewalls it would just use more system resources than one???

Yes but if you have two running then there is even less risk. While one may let things slip through the other may pick it up etc. Personally I have a hardware firewall in my router plus the inbuilt windows xp firewall. I did have a comodo firewall a while ago but it asked me to block or unblock everything internet related I did. Reminded me of UAC.

Edited by Zenskas
Link to comment
Share on other sites

From an administrative point of view, you would need to add exceptions in 2 places (programs and/or ports).

Functionally, one of the firewalls has to be last in the chain - it may appear to receive all outbound packets from a single source (the other firewall) and so once this source is "trusted" it can render the last one obsolete.

As with AV products, firewalls employ kernel and user mode components - the kernel filter drivers can sometimes "fight" to be layered last so that they have the last word on outbound packets and first word on those inbound (or a later driver could potentially modify the data after/before inspection).

Even with no conflicts, every network I/O has to travel through both filter drivers and if SPI is used this might have a significant impact on the throughput (given network I/O is considerably slower than local I/O).

1 perimeter firewall (e.g. built into a router) and 1 host ("software") firewall per machine should provide a more diverse, layered approach.

I've not seen problems with 2 host firewalls present at the same time, but then I've never tried :)

I have, however, seen the havoc 2 realtime AV products can cause (hard hang after <5 minutes uptime).

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...