Who understands hardware firewalls?
For the past couple of years I've been using a software firewall (Zone Alarm Pro). It seems to be quite effective but it can sometimes be intrusive - not letting me access sites that I want to visit (for example, on Ebay, it will often allow me to see some pages but not others).
For ages, my mate has been telling me to ditch Zone Alarm and buy a hardware firewall but I don't really understand how they work. I have a mental picture of them being even more intrusive than Zone Alarm.
With a software firewall, it doesn't prevent trojans etc from getting into your PC but if anything tries to get out, it will flag up a message asking if you want to allow it. My understanding of hardware firewalls is that they're pretty much the opposite. They simply don't allow trojans to get in in the first place. But how do they know what is a trojan? Many web sites include Java & ActiveX controls which do various things. How does the firewall know which are malicious and which are benign?
And what if I specifically want to download an executable file - e.g. from an FTP site? My experiences of actually trying to send an exe to someone with a hardware firewall have always been bad. Are these hardware firewalls all they're cracked up to be?