Perimeter Security is NOT Optional
Lest skeptical readers be tempted to skip the whole security thing entirely, I'd like to quote a well-known networking and security expert. David Strom (author, columnist, and former editor-in-chief of Network Computing magazine) has this to say on the subject of perimeter security for SOHO (small office, home office) and end-user Internet links: "If you run a business out of your home, you have to have a firewall of some kind. Hardware-based firewalls are better than software-only firewalls, but some security is always better than no security." I couldn't agree more, and I plan to use his distinction between hardware-based and software-only firewalls to guide most of the rest of this article.
Before I continue on to examine the differences in costs and capabilities between software-only and hardware-based firewalls, I'd like to explain the difference between a full-scale or enterprise-level firewall and a personal or SOHO firewall (although they're not always the same, both types of products are more likely to be called personal firewalls than anything else, including SOHO firewalls). There are certain obvious differences in scale and cost: whereas a full-scale or enterprise firewall can comfortably handle thousands of incoming sessions and thousands of outgoing users, most personal firewalls stop well short of such capabilities. Most will bog down as the number of incoming sessions exceeds 30 to 100, or as the number of users going through the firewall to access the (external) Internet exceeds 10 to 20. These are clearly small-scale, lower-cost solutions aimed squarely at home office, small office, and purely personal uses, be they networked for a handful of systems, or only for a single system.
That said, it's also important to understand that the most significant difference between software-only and hardware-based personal firewalls is cost. David Strom's earlier quote underscores the notion that small offices or businesses are more likely to use networks, and thus more likely to benefit from hardware-based personal firewalls. But the real issue is cost: if spending more than $100 is unpalatable, software-only is the way to go; if spending more than $100 is no problem, or you have a network and/or a business to protect, hardware-based firewalls offer more protection and more functionality.