What is a Firewall?
A Firewall is a software program or built in hardware device with the specific purpose to defend your home or business against electronic threats by screening viruses, hackers and worms looking to infiltrate your computer through the internet. Serving as a gatekeeper between your company’s servers and the outside world – firewalls keep external threats out while alerting you to more elusive problems by diverting outgoing data.
Having an effective business class firewall is important but having a good balance of an anti-malware program and antivirus suite can save your business from spending time and money dealing with virus infections or hacker attacks.
Learn the benefits of picking the right Firewall:
- Confidence in your choice
There are a variety of business class firewalls to choose from. Some network security devices include a broad range of features and services at a high cost, while others have basic services for a lower cost. When you’re running a business, you have to weigh the cost of Security. Spending a few more dollars can be the difference between getting a breach and not getting a breach. Be sure to select a well-recognized and trusted platform. Whichever brand you select, confirm that the firewall is ICSA certified, the industry standard for packet inspection.
- Functionality and Usability
Many firewall models deliver tight security and offer GUI-friendly administration. Some of the benefits of having a GUI interface are it helps prevent installation mistakes, it makes it easier to diagnose and correct failures and make it’s easier to train staff and implement changes, upgrades, and replacement.
So, when selecting a hardware-based firewall, consider the benefits of functionality and usage. The easier a platform is to administer, the easier it will be to locate professionals capable of installing, maintaining, and troubleshooting the platform.
- VPN Confirmation
A firewall’s purpose isn’t just to keep hackers and unauthorized traffic out of the network. A good firewall also establishes and monitors secure channels, enabling remote connectivity. When you purchase a hardware-based firewall make sure it supports both SSL- and IPSec- protected VPN connections from similar devices (for point-to-point or site-to-site VPNs), as well as secure connections from traveling employees. This is critical when protecting critical personal client and business data. Creating a Virtual Private Network connection is one of the single most critical things a business owner can do to create a secure remote connection. Don’t skimp on this feature.
- Warranty and Technical support
Hardware fails. Worse, just because a device is new and fresh from the factory doesn’t mean it will work properly. Check that 24×7 technical support is available and implement technical support contracts with the firewall’s manufacturer. Get a 24/7 warranty, if your business class device fails you’re not going to be able to pick it up at a local store so either have a spare on hand or get a good warranty. Having a down firewall for a day or two can lead to complete failure inclusive of email, internet and remote connectivity.
- Integrity of Hardware
The Integrity of your hardware is critical. Having a dated firewall in today’s fast paced ever changing business environment can lead to slowness, Internet issues and major security concerns. The older a firewall gets the more vulnerable it gets. Make sure you keep all your hardware current, under warranty update your subscriptions annually and only purchase business class hardware.
- Monitoring and Reporting
Firewalls manage critical network tasks. Repeatedly throughout just one business day, a single router can block thousands of intrusion attempts, detect consolidated attacks, and log failing or failed network connections. But this information is helpful to network administrators only if it’s available in a readily accessible format. Look for firewalls that not only monitor important events, but that also log this data in compatible formats. Most firewalls only log information for 30 days so make sure you extend the logging to 180 or 360 days. 30 days of logging just isn’t enough today so make sure your firewall’s log can go back at least 180 days but it’s recommended that you go back 360 days of logging. A good firewall should generate email alerts, too, at least for critical events.
- Content Filtering
Some firewall manufacturers offer Web filtering subscriptions. The benefit is that all the network services associated with a business, from gateway security services to content filtering, can be consolidated on a single device. Content filtering is the use of a program to screen and exclude from access to Web pages or e-mail that is deemed inappropriate. This type of filtering can help prevent Malware from penetrating your infrastructure when your staff is surfing the Internet. Content filtering has come a long way in the past 5 years and can prove a useful tool against hacking and potential Virus and Malware attacks. Look at this add on module strongly when deciding a firewall.
- Failover
Some organizations require WAN failover, or redundant Internet connections with automatic fault detection and correction. This is critical and recommended when using cloud services to run your entire or critical parts of your business. Many firewall models don’t have support for automatic failover. If that feature is critical to your organization, confirm that the model you select includes seamless failover; don’t assume high-end firewalls include such functionality by default.
In addition, make sure the model you select supports the failover methods your organization will use. For example, a unit possessing two RJ-45 WAN Ethernet ports will do no good if the second connection is to run off a cellular card. In such cases, appropriate integrated USB support for GSM cards or adapters may be required. Don’t rule out a cellular card form of redundancy it’s worth looking into and can bring some value.
- Feature Rich
Consider picking a firewall that has enhanced security features such as GEO filtering.
This feature enables the firewall to block activity by country which is where most attacks originate. A great feature to have.
- Volume, Performance and Capacity
Firewalls, due to their network role, typically serve as an organization’s Internet gateway. Smaller offices may leverage a firewall in a dual capacity, to serve as both a security device and as a network switch. Other larger organizations, usually just drop the firewall into a larger architecture in which the firewall’s only role is to filter traffic.
Confirm that a firewall can manage assigned loads. This means ensuring that it has the appropriate number of Ethernet ports and the appropriate speeds (10Mbps/100Mbps and/or 1000Mbps, if necessary). Furthermore, make sure the firewall you select has the CPU capacity necessary to perform packet inspection, gateway security services, and routing functions. Most firewalls today come with add-on modules and subscriptions so be careful not to cut-corners on CPU capacity while spending on additional services. It will affect the performance of the device. Pay close attention to the manufacturer’s recommendations for maximum node support. Exceed a router’s capacity and you’ll experience errors, flat-out traffic denials due to lack of licenses, and/or unacceptable performance.
- Expertise of Installation
Installing a business class firewall properly is not as easy of plugging it in and walking away. There are many things that have to happen in an effort to setup a business class firewall correctly. Today’s firewalls are sophisticated and to further complicate the process are add on modules, the licensing and the expiration of the licensing and warranty’s. Discuss the installation process with your provider and get involved.
- Summary
The average business owner is not expected to know all the nuances of picking the right firewall so here’s a recap of the critical items to look for,
- Pick a well-known business class firewall
- Get the warranty and look for redundancy
- Look for a device that supports GEO filtering
- Look for a device that supports Content Filtering
- Look for a device that supports Extended Reporting and Logging
- Look for a device that supports VPN is a must for remote connectivity
- Partner with an IT company that has a track record of installing firewalls
- Decide the level of security you want, that will help you determine your budget.