Recently I made the jump to broadband and because of the wireless capability of my laptop I chose the D-Link DSL-604T wireless ADSL router/modem. When configuring the router the instructions highly recommend that other firewalls should be disabled to avoid any conflicts. My computer is running the Windows XP Internet Connection Firewall and the Norton Internet Security firewall. If I disable these firewalls, will the ADSL firewall be enough? What are the possible conflict problems they mention? The computer is running Windows XP.

The firewall capability which most routers boast is a feature called Network Address Translation (NAT). This isn’t per se a firewall, but instead is a networking facility which offers some degree of protection against attack. NAT allows multiple computers to access the internet using one internet connection. When you install a broadband router/modem, the router itself is the device which is connected to the internet. It has inbuilt software which connects to your ISP when an internet connection is required. Therefore, the router itself is assigned a public IP address when connected. The router then assigns each computer on the local network a private IP address (usually in the range of 10.1.1.1 or 192.168.0.0). The router performs a ‘translation’ function. When a computer on the LAN wishes to access the internet, the computer sends data to the router which then transmits this data onto the internet. When a response is sent back from the internet, the router is able to figure out which computer sent the original request and then route the data to that specific computer. By this stage, you are probably wondering where a firewall comes into this scenario. Since the router is the device assigned an IP address, if an attacker attempts to break into your computer it will encounter the router at the IP address as opposed to the computer. So, your computer has a degree of protection being hidden behind the router.

Reading the manual for your specific router shows that it has some more advanced firewall capabilities, such as blocking common inbound ports (such as FTP, Ping) and also allows you to enable policies to block against certain types of attacks. That said, most routers only employ a relatively simple firewall, unless you spend thousands of dollars on advanced hardware firewalls. It is always possible that when running two firewalls they could conflict (e.g. and block certain types of traffic), but really the only way to find out is to run both and see what happens. When installing Norton Internet Security the program advises that all other firewalls should be disabled, but since you seem to have been running the Windows XP firewall and NIS firewall concurrently for some time with no apparent problems, you can see that you may not necessarily get a conflict. It really depends on the firewall which is being run. Personally, I would not say that a basic firewall purely on a router is sufficient, since it lacks features of software firewalls such as outbound program control (which alerts the user when a suspicious program is attempting to access the internet). I say give running both at the same time a go and see what happens. If you find there are problems, then at least you’ll know!