Just a query about using IPFire Firewall

Hi all,
So I have IPfire set up and working as it should, or at least I assume it is, LOL. So just a quick query for all the knowledable poeple in this community, if one is running IPFire, is it really necessary to also have Winodws 10/11 firewall enabled?

Hi Mark, I generally leave the WIN FW enabled. Not that it does much (so long IPF is setup properly) however IMO having multiple layers of defense is generally preferred.

4 Likes

@rjschilt Thank you for your reply, Robert, I appreciate your reply, my question stems mainly form the fact that I was having a small issue receiving emails to my mail server and this was because I had not allowed the port through the Windows Firewall, but I had allowed it on IPFire, so more a case of removing extra steps.

The extra layers of defense can lead to extra steps at times that some might deem inconvenient. If inconvenience leads to safer and better protected systems I don’t mind at all.

Others might feel differently but that’s my approach.

4 Likes

@rjschilt Fair enough, I hear you. Let me see if anyone else may have a differing opinion, though, for the sake of listening to all sides of the argument. Thank you.

1 Like

The functionalities of the two firewalls are a bit different.
The IPFire FW defines rules for the whole local installation.
The FW on a client ( Windows machine ) defines the rules, which shall apply to this single device. These can be different from the local default rules.

2 Likes

Probably worth a side note that these days Apple leaves Mac firewalls off by default, as do at least some desktop Linux distributions. The basis is that as delivered no vulnerable ports are opened to the internet so it is only a complication to turn it on; but you can. The problem for personal devices is more about to what you choose to connect.

Your perimeter firewall is probably doing a perfectly good job, though I use internal firewalls to defend against other compromisable things (servers, IoT) within my own network. This is a well-known security practice.

4 Likes

Additional sidenote, my antimalware Bitdefender also has some kind of web protection, so I have that and the Windows firewall on all my Windows machines.

As long as nothing weird happens or one might suspect conflicts.

1 Like

Thank you all for all your replies, feedback and input. My home network is just my IPFire, my desktop, laser printer and two cellphones, so I think I am protected well enough. But I will leave Windows firewalls on, just as an added precaution, after the consensus provided here. Thank you all again, much appreciated.