A hardware firewall is a physical filtering component that inspects data packets from the network before they reach computers and other devices on a network. A hardware firewall is a freestanding unit that does not use the resources of the computers it is protecting, so there is no impact on processing performance. The firewall can be configured to block multiple individual ports, a range of ports, or even traffic specific to an application. The Linksys E2500 wireless router is also a hardware firewall.

A hardware firewall passes two different types of traffic into your network:

There are several types of hardware firewall configurations:

Hardware and software firewalls protect data and equipment on a network from unauthorized access. A firewall should be used in addition to security software. Figure 1 compares hardware and software firewalls.

To configure hardware firewall settings on the Linksys E2500, as shown in Figure 2, use the following path:

Security > Firewall > select Enable for SPI Firewall Protection. Then select other Internet filters and web filters required to secure the network. Click Save Settings > Continue

NOTE: Even on a secure network, you should enable the internal operating system firewall for additional security. Some applications may not operate properly unless the firewall is configured correctly for them.

Demilitarized Zone

A DMZ is a subnetwork that provides services to an untrusted network. An email, web, or FTP server is often placed into the DMZ so that the traffic using the server does not come inside the local network. This protects the internal network from attacks by this traffic, but does not protect the servers in the DMZ in any way. It is common for a firewall or proxy to manage traffic to and from the DMZ.

On the Linksys E2500, you can create a DMZ for one device by forwarding all traffic ports from the Internet to a specific IP address or MAC address. A server, game machine, or web camera can be in the DMZ so that the device can be accessed by anyone. The device in the DMZ however is exposed to attacks from hackers on the Internet.