firewall

the term 'firewall' has been around for a long time and refers to a wall to prevent the spread of fire.

In computing terms, we use the word to describe a security device. It can be either hardware or software, that may assist to safeguard your network.

The purpose of a firewall:

  • filter traffic and prevent unwanted access to sensitive information.
  • prevent harmful malware from infecting your computer.
  • block undesired traffic.

Different levels of protection are available. Determining how much security you need is the key.

 

How does a firewall work?

A firewall monitors both incoming and outgoing network traffic. It allows or denies data packets based on a set of security rules.

The goal of the firewall is to act as a barrier to block unwanted traffic from hackers and viruses. The firewall is to only let legitimate traffic into the network.

How does a firewall work

source: Spiceworks

 

Types of firewalls

Packet-filtering

A packet-filtering firewall is suitable for smaller networks. It offers the most basic level of security and can be helpful, but does not block web-based attacks. You need extra security to identify friendly from harmful online internet traffic.

Proxy

A proxy service firewall is a solution that can help to safeguard the security of your network.  It acts as a bridge or middleman between your internal network and external web servers. It is sometimes referred to as a gateway firewall.

It is more secure as it uses stateful and deep packet inspection technology. A proxy service firewall examines incoming traffic and can detect malicious traffic. The firewall can affect bandwidth performance and some applications.

Stateful Inspection

Stateful inspection firewalls are also referred to as conventional firewalls. They allow or deny traffic based on state, port, and protocol. It monitors all activity while the connection remains open. Filtering decisions are decided from both administration rules and monitored traffic.

Unified Threat Management (UTM)

A UTM firewall or Unified Threat Management firewall. It combines the functions of a Stateful Inspection Firewall with intrusion prevention and antivirus. It may also include other services and cloud management. They are designed to be simple and easy to use.

 Next-generation Firewall (NGFW)

Next-Generation Firewalls are more advanced than stateful inspection and packet filtering firewalls. They offer higher degrees of security by inspecting the whole packet of data, also known as deep packet inspection (DPI). The NGFW can block Advanced malware and other complex security threats.

NAT Firewall

The Network Adress Translation (NAT) is the process of mapping many local private addresses to one public IP address. NAT Firewalls can analyse Internet traffic and stop unwanted communications. It only permits inbound web traffic, in other words, if a device on your private network has requested it.

Threat-focused Next-generation Firewall

Threat-focused NGFW firewalls offer enhanced threat detection and remediation. These features are included on top of a regular NGFW.

With the threat-focused NGFW you can:

  • identify which assets are most vulnerable.
  • hardening your defences allows you to respond to assaults quickly.
  • evasive or suspicious behaviour can be more accurately detected.
  • reduce the time from detection to clean up.
  • simplified administration and reduced complexity.

 

What type of firewall is best?

The proxy Firewall combined with content filtering is the most secure. There are many great firewall products on the market that use these firewall technologies. Skope IT recommends The WatchGuard Firebox range with enterprise-grade security. They have a range of firewall appliances that are suitable for small home offices, small businesses to large enterprises.

Their firewalls integrate stateful packet inspection, with NAT and TLS decryption and a proxy firewall. They can provide a secure VPN connection for external users to access the internal network.

 

Where is a physical firewall located?

Firewall Location

A firewall acts as a barrier between the internal network and the public internet. The best location is as close as possible to the public untrusted internet. It is best located just after the router and can even replace the router.

 

Why do you need a firewall?

By blocking harmful or unnecessary network traffic, firewalls defend your computer or network from outside cyberattacks. They can stop harmful malware from executing on a computer from an untrusted internet source.

With an encrypted VPN, You can shield and protect your internet data transmission. If you don't use a VPN, anyone with network access and the desire to examine it may access the unencrypted data. Hackers and online criminals are unable to decode this data when using a VPN.

You should only be connected to your company's internal network through a secure VPN. The best solution is through a Firewall.

 

Can I use my router as a firewall?

Yes, you can use your router as a firewall, but the router's primary function is to route internet traffic. Routers only provide basic firewall protection. A firewall's primary function is to act as a firewall and that is what it does best.

 

Bandwidth & Throughput

Bandwidth

Source: Lifewire

Firewalls can only process so much information in a given time. This is measured as bandwidth. The technical specifications of a firewall will show the speed ratings. It's crucial to remember that firewalls cannot make your internet connection faster. They will, nonetheless, produce a bottleneck if you don't select the correct device for your network.

For instance, if your internet connection is 100Mbps and you install a firewall capable of 75Mbps. You will not get the full performance from your internet. The firewall will slow your internet down.

 

Performance vs security

Firewall Security vs Performance

A firewall's job is to analyse all packets of data that pass through the network. Depending on how the firewall has been configured, this can affect the performance. Yes, you can increase the performance. You can disable some of the features, remove it altogether or even turn it off. Doing so will increase the exposure of your entire network to potential risk.

Businesses that need a quicker connection should improve their equipment or internet service. The price of a new firewall can be far cheaper than the expense of repairing a security breach.

 

Our recommendations

If you are running a business you should definitely consider using a firewall. There are many benefits, including:

  • Prevent hackers from gaining access to your system (protects your data)
  • Stop viruses, spyware, malware, trojans and phishing attacks
  • Better privacy
  • Helps VOIP phone reliability and security.
  • Content filtering
  • Allows staff & or clients to access the company files and applications securely from outside the office

 

Other considerations

Network Security

Just because you may have a firewall you also need to consider all your devices on the network.

Any outdated firmware found in printers, routers switches, or network attached storage (NAS). Any unsupported and outdated operating systems like Windows 7, Windows XP or macOS 10.14 Mojave or older.

If you have old hardware that is no longer supported you should consider replacing it or at least removing it from the network.

 

Looking to protect your data?

Contact us today to discuss your needs and we can tailor match a firewall solution.

Call Now