When putting together a cyber-security plan for your business, one size does not fit all. Every business is going to have different needs. But one absolute necessity for your business security solution is a firewall. And there are a lot of options on the market. Understanding what they are, how they work, and what features to look for can make finding the right firewall easier.
What is a firewall?
A firewall is a piece of hardware placed between your internal network and the public Internet and designed to stop intrusions from entering your network. The firewall scans traffic coming in and out of your network and blocks malicious attacks from entering.
It performs these scans by receiving definition files from the manufacturer. These definition files are essentially patterns that the firewall can compare against to determine what is coming in and out of your network. Firewalls can also detect viruses running or attempting to breach your network based on these definition files.
The basic features
There are two basic features you should look for when finding a firewall for your small business:
- The ability to be used as a router and
- Control of remote access to your network
A good firewall can be used as a router.
Think of the router as a traffic cop of your network. For instance, if you have an on-premise Exchange server, your firewall allows traffic for emails to go to and from that server.
A firewall can also control remote access to your network.
A good firewall should allow for site-to-site and client-based VPN tunnels. A VPN (or virtual private network) makes your computer behave as though it were somewhere else by carrying its traffic through a tunnel to another network. VPNs are commonly used for connecting satellite offices back to the main office (site-to-site) or allowing employees to access data on the corporate network from home or on the road (client-based).
Additional Features to Consider
Now that we’ve established what a basic firewall should be able to do, let’s look at additional features that should be considered:
Website and Spam Filtering
Some firewalls have a website filter built into them. They allow you to block websites based on categories and/or individual website names. Firewalls can also perform spam filtering duties, inspecting the traffic coming through your email and confirming that it is safe to pass through.
Firewalls can also have a built-in antivirus scanner. It can scan web pages, files, and links to stop viruses from entering the network and creating problems for the end user. If you already have a separate antivirus program, you may not need this feature.
Inspect Encrypted Traffic
Firewalls can also have features for inspecting SSL encrypted traffic. These firewalls play man-in-the-middle: the firewall captures the encrypted traffic as it comes into the network, decrypts it using an SSL certificate, reads it to be sure it is what it says it is, re-encrypts it using the same SSL certificate, and sends it back out. Cyber attackers frequently use encrypted traffic to avoid detection when sending malware, so being able to inspect encrypted traffic is becoming much more of a "need to have" feature than a "nice to have" feature.
Firewalls can also:
- control wireless internet access that is built into the appliance itself or
- control Wireless Access Points (WAPs) that are connected to it.
The latest firewall innovation is a process called sandboxing, which prevents access to malicious content. When a user clicks on a link, the firewall displays a warning to the end user and sends the link to a service that opens the file in a virtual environment and monitors it. If the file or link turns out to be malicious, the service sends word back to the firewall, which blocks the file and stops it from being downloaded.
With today's ever-growing ransomware problem, the sandbox is the largest innovation in security technology that has been seen for some time.
Firewall as a Service
Some IT companies (including PTG) are starting to offer Firewall-as-a-Service options. These will vary by company, but all typically include monthly payments (rather than one large upfront fee) for a firewall with real-time monitoring and updates. This is typically a better option for companies that don't have the resources to keep a firewall updated all the time or don't want to pay the large upfront cost for a business-grade firewall.
The wireless router that you bought at the big box store doesn’t necessarily count as a full-fledged firewall. Firewalls need to come from a reputable company with support and real-world security features to keep you and your data protected. Just as important is keeping your firewall up to date – if it doesn't have the latest definitions, it's not doing much to protect you. If you're still not sure which firewall is right for you, please reach out and we can help you find the appropriate option.