When you use a hardware's Firewall, do you need to install a software Firewall or it's enought by itself !?...

BTW, do we need install APF + BruteForce, etc. on a linux's box using the hardware's firewall !?...

If H.F.'s users could share theirs experiences ?...

Well, technically speaking the hardware firewall would handle the firewall operations. The advantage of the hardware firewall is that it frees the CPU to handle other tasks instead of adding the job of checking on incoming and outgoing packets which could be CPU intensive if the volume is high and that you have a lot of ruleset. The hardware firewall has its own CPU to handle the work.

By enabling both the software and hardware firewall would not provide you with any performance improvement as you may be adding an additional layer of redundancy. However, it might allow you the flexibility to add other rulesets which is not in the hardware firewall instantly. As I understand it, the hardware firewall currently still does not allow you to manually manage it but need to go through the TP managed services which my last experience a year or so back tells me that they do not operate 24/7.

Maybe what you want to do is to either disable the software firewall if the hardware ruleset covers all you need or provide a reduced ruleset for your software firewall to include what has not be added in the hardware ruleset and thus reduce the redundancy and increase performance.

Or you could use the 'kiasu' method and enable both at full setting.

it's confirms what I suspected.

Thank you; Edwin, you are a truth well of knowing!...