Hardware based firewalls DO have an OS, just imbedded, and they do require updating, maybe both for the hardware they sit on such as the router OS, like the Cisco update that was such a big thing a while back, and for the firewall part that sits on top of that via a card or other chip. Jeff Sloan Network Administrator Cross Oil Refining & Marketing, Inc. -----Original Message----- From: nperez@xxxxxxxxxxxxxxx [mailto:nperez@xxxxxxxxxxxxxxx] Sent: Monday, October 18, 2004 11:20 AM To: ISALists Subject: [isalist] Kind of OT: Software-based vs. Hardware-based Firewall http://www.ISAserver.org I'm trying to answer my boss' argument that hardware based firewalls (such as Cisco and Watchguard) have no real advantage over a software based firewall, such as ISA. My opinion (and this is just my opinion!) is that hardware based firewalls do have an advantage in terms of security and speed. It is more scalable, better throughput, faster then most software solutions, and no OS (Windows) which can have holes & bugs! We have a remote site that we connect to and I think implementing a hardware based firewall will enhance our security and throughput. We currently have it setup ISA to ISA on both ends. I know there will be some bias here - after all this is an ISA forum! But can anyone shed some light on this? Or direct me to some good resources? I didn't find much on isaserver.org. Thanks!