Firewall on router instead of firewall on NAS

    • OMV 4.x
    • JohnStiles wrote:

      Firewall on the router and firewall on the machine with omv. Firewall on your desktop too. Wherever it is possible and it makes sense, there should be a firewall on every machine. The only difference is the type of traffic policy for an individual machine that can be different from each other.
      This seems rather excessive and would only cause headaches. To each their own.
    • jollyrogr wrote:

      This seems rather excessive and would only cause headaches. To each their own.
      I do not think so. Security is important. But since you prefer a bare system without a firewall, it's your choice. One central spi firewall will provide some degree of control, but this is not the best solution imho.
      Each machine connected to the network should have a minimum of awareness and control over its network. Traffic policy based only on one central firewall is always a potential problem in the future imho.
      In the soho environment you can debate the legitimacy of many things. But only one single firewall at the entrance to the lan network is never the best solution. Any problem here that will cause LAN penetration makes machines without a firewall more vulnerable to a bad touch.
      This is a typical attack vector in small company networks. Where the intruder penetrates deep into the lan and the attacker does what he wants ... Personally, I can not imagine my system without a firewall. No matter what he does and where he is.