nVidia Firewall.

Is there a need for more than one firewall?

My questions are related to my newly assembled PC with Win XP operating system:

ASUS A8N-SLi Premium MainBoard with 2 GB RAM

AMD Athlon 64 X2 3800+ CPU

nVidia eXtreme N6600GT 128 MB DDR3 VGA

Recently, I installed a file sharing application uTorrent 1.5.437, and during the installation it notified me of a potential problem with nVidia firewall.

I have disabled the Windows Firewall and installed the ZoneAlarm Free 6.1.744.001.

nVidia firewall came with the ASUS MB as a package deal and was described as a hardware one (as far as I can recall). At the moment I simply disable it.

Should I uninstall it for good?

2nd question:

How to enable sounds on Ctrl+C (copy) and Ctrl+V (paste) operations?

It's strange that sometimes there is no sounds.

The ActiveArmor (nVidia firewall) is built into the Gigabit ethernet controller. What this means is that there is very little CPU loading as it runs independant of it. In fact, the only thing the CPU has to do for NVIDIA Firewall is to adjust the hardware ActiveArmor parameters accordingly. All the processing and sorting of network data packets is now performed by the chipset MCP.

The NVIDIA Firewall complex is controlled through special web-interface very similar to hardware firewall configuring tools. It requires Apache web-server, which is installed together with the other software for nForce4 integrated network controller. This way, NVIDIA Firewall allows remote management of the system, too.

The firewall's hardware components have benefits beyond lower CPU utilization, though. Because it partially resides in hardware, the firewall is enabled instantly when a machine is powered on. Software firewalls that rely on drivers and other programs can only protect a machine after it boots into the OS and all the necessary drivers and programs are loaded, leaving a small window for attacks to take hold.

Thanks tywais,

Still, the question is why to bother with other firewalls if nVidia is so good?

Thanks tywais,

Still, the question is why to bother with other firewalls if nVidia is so good?

It is probably not a good idea to use two. First, the possibility of conflict between the 'soft' and the 'hard ' firewall, and 2nd the effort of configuring two firewalls and trying to be sure that the rule sets are not in conflict.

A little more info: " Also, hackers have shown that they can disable software firewalls then access the network because the drivers are separated. Because of NVIDIA’s unified approach, if a hacker tries to disable the firewall, he also disables the network connection.

Active Armor is available on the nForce4 Ultra and SLI versions. The standard nForce4 uses the identical “hardware optimized” firewall approach found on the nForce3, which leans much more heavily on software processing. NVIDIA’s ForceWare interface is impressively robust and gives users or resellers plenty of options for fine-tuning the firewall. Just keep in mind that a third-party software firewall will effectively short out NVIDIA’s implementation, although NVIDIA anticipates third-party compatibility in the future.

Unlike some router firewalls, Active Armor controls both inbound and outbound traffic. It also provides client-to-client protection that consumer routers don’t accommodate so that malware doesn’t quickly spread throughout a LAN."

Source: http://reselleradvocate.com/public/ram/iss...verstory02.html

More info: http://www.amdzone.com/modules.php?op=modl...ntpage&artid=71

Having said this, I have seen on some forums complaints and problems with the Active Armor (the soft side of the Firewall equation), however that may been old information and the latest version may be more stable.

It seems slightly scary having to install webserver software on a local PC in order to control its firewall

It seems slightly scary having to install webserver software on a local PC in order to control its firewall

Most ADSL modems, wireless modems and Ethernet switches (intelligent ones) have their own web server integrated into them so not much different.

I run a hardware firewall on my DI-524 Wireless router,

but I also run ZoneAlarm on the the individual pc's on my

home network. I have never had a conflict.

The h/w firewall certainly blocks a lot of attempts to access my machines,

but not all. Zone Alarm also reports the occasional intrusion attempt.

There are a lot of differing opinions on the level of protection you need. Some people advocate the "highest redundant protection at all levels" approach. Others say that the windows firewall is more than enough.

I don't really like fancy-schmancy firewalls all that much. They're a pain to setup, they tend to mess up programs, and they can be very restrictive and cause headaches. The main argument is that windows firewall doesn't care much for outgoing connections... and it's a valid argument. However, if you're careful enough (like me) and don't get anything on your computer in the first place, you won't have any malicious outgoing connections. For most folks who *still* use IE for surfing their daily porn, I think you should go for the most protection you can get... you'll need it.

It seems slightly scary having to install webserver software on a local PC in order to control its firewall

Most ADSL modems, wireless modems and Ethernet switches (intelligent ones) have their own web server integrated into them so not much different.

Most peripherals don't run Windows though, nor do they hold private data or run general purpose hackable apps like a PC does.