does the timecapsule have a builtin firewall

I want to hook my TimeCapsule directly to the comcast modem. Does the time capsule have a firewall to protect me or do I need to go buy one?

QA Apple Time Capsule

QA Apple Time Capsule

Product No Longer Available

3 Answers from the Community

  • Best Answer:

    What the second poster said is true. The NAT "Firewall" is only useful in protecting computers behind it from attacks originating from the internet, but it does nothing to prevent your computer (or any computer on your network) from establishing an "out-going" connection. Put simply, a router with NAT enabled is taking part in an internet conversation that is all "one way". The router will "dial out", but will not accept any incoming communications from a source that it's not already established a connection with. If the router is set up properly to close vulnerable ports, it's effectively invisible to the internet.

    With that in mind, however, any software (as well as any virus, malware, bot, or whatever) that is already behind the router and on your computer can "dial out" with impunity. That's where your OS's software firewall comes in. The software firewall will block both incoming AND outgoing communications that are not authorized.

    But the question was "... do I need to buy one?" No, not typically, but it depends on how much security you think you might need. The Mac OS and Windows 7 firewalls work perfectly well to protect from 99% of any potential threats that most users will face, in my opinion. Now, if you happen to spend a lot of time in the more nefarious corners of the internet (i.e. - Torrent sites, etc...) then you're asking for trouble and might consider a more robust, third party firewall.

    Do you need to wear a flak vest when you visit your local Farmer's Market? Probably not. Do you need to wear a flak vest when you visit a Farmer’s Market in Baghdad? Probably wouldn't be a bad idea....

  • The TimeCapsule has a built in hardware firewall that uses NAT port configuration for local network access. Technically, that should be enough to protect your internal network from any attack via the Internet, but it's always a good idea to have your OSes software firewall running as well. In short, there's generally no need to purchase a third party software firewall if you have a good router (i.e. the TimeCapsule) between your modem and your PC.

  • Usually in the security world there is no kind of "NAT firewall"! The Time Capsule does support NAT, that means every system behind the Time Capsule will be hide NATed when accessing the Internet. In that case there is no way back from the Internet to the system... But the established connection from inside to outside could be exploited!
    So you have to keep in mind that the "firewall" capability of the Time Capsule is not a really firewall.