SantechUSA

Don’t let your business go up in flames

Getting Started

By now, everyone has heard of a firewall. But why do you really need one? The term firewall stems from the firefighting technique of creating a defensive line (wall) that the fire can’t pass.  Today, we use the same terminology for devices that keep unwanted traffic, or Internet-borne fires, if you will, at bay.

Without a firewall, you’re vulnerable to a slew of attacks from the online world. Firewall technology emerged in the late 1980s when the Internet was a fairly new technology in terms of its global use and connectivity. The predecessors to firewalls for network security were the routers used in the late 1980s.

Since the 1980s, technology has gone through an exponential transformation, introducing new protocols and layers of complexity. Hand in hand with technology changes, firewalls have become more sophisticated in the way they regulate traffic. A simple “block/allow” traffic mechanism is no longer sufficient in today’s online business ecosystem.

Next-Gen Firewalls (NGFW) take a Unified Threat Management (UTM) approach to address new challenges. For the purpose of this article, let us focus on why you should protect yourself instead of which technology to use.

There are many ways your system can be compromised; sophisticated viruses, worms and Trojans, collectively known as malware, are well-known sources of attack. Visiting a malicious website or opening an infected email, from an unprotected system, is enough for game over! Once you’re infected, you enter the digital cesspool. Another danger is a direct attack/hack to known vulnerabilities on your system. Once your system has been compromised by malware, it becomes what’s known as a “zombie computer” and may even crash. There is a wide range of attacks that can be launched using your zombie computer, such as stealing your identity/passwords, generating spam, attacking websites or redirecting you to buy/spend money. There are at least 10 different categories of malware today.

Your recovery will depend on whether or not you’ve implemented a smart backup system with immediate access to your data.

Before we dive in one level deeper about firewalls, it should be noted that the best defense against malware/attacks is the user. No matter which digital security tactics are deployed, if the user doesn’t practice safe online practices, hackers and attackers won’t be stopped.

Now, onwards in our quest to find the right firewall technology. There are different types of firewalls and selecting the right one will have an impact on your bottom line. You get what you pay for!  

Tip: the ‘free’ firewall software built in to your Operating System (OS) mostly stops you from working – and not the bad guys from stealing your stuff or causing havoc!!! Also, built-in firewalls don’t prevent antivirus/malware threats; they are typically designed to block intrusion attacks.

Let’s just divide the firewall solutions into two groups: Personal/Desktop and Perimeter.

Desktop Firewalls

If you’re a single user, then Personal/Desktop firewalls may be enough.  Personal firewalls can be built into your OS or installed as added software.  As the name suggests, they are localized to your PC. Consider them as the last line of defense against the war on malware and intrusion.  If it’s your only line of defense – panic!!!

PROS: They tend to be inexpensive and fairly easy to configure.

CONS: Often users misconfigure these solutions and operate on a false sense of security.  They slow down the installed PC by taxing resources like CPU/Memory in order to scan the traffic. Often, they conflict with the other software running on your PC. As already discussed, they are unable to scan/block 100% of the attacks. Finally, once compromised, there’s no second line of defense.  

Software-based firewalls have some inherent drawbacks:

• Novice users can improperly configure them; false sense of security

• They slow down the computer

• Often not updated and will not catch everything

• They can be easily hacked

• As a single line of defense, your system has no second line of protection

• They filter at a very basic pass/fail level

If you’ve been plagued by non-stop pop-up windows, Trojans or viruses that make you and your system go haywire, consider your options and understand why you’re being bombarded. Your firewall solution is probably not doing its job.

Still, this might be a sufficient solution for a home user.  

Did you know?

A 2006 Computer Science survey of IT security professionals and managers showed that businesses sustain $13.3 billion in damages due to malware attacks, up from $3.3 billion in 1996.

Firewall Appliances

In a business environment, with multiple PCs to manage, software-based solutions are difficult to manage and insufficient at blocking attacks. Appliance (hardware) firewalls are more configurable, more sophisticated and more effective. One reason is because the dedicated hardware has enough resources to scan all traffic fully, instead of relying on your PC’s resources.

Not long ago, firewalls were effective by just blocking ports on a system’s perimeter. But hackers got increasingly smart about how to mix in their malicious software with legitimate traffic. So Desktop/Personal firewalls, as well as legacy perimeter firewalls, are easy to breach because they’re not great at doing a deep inspection of legitimate traffic. Now, to do the job of truly protecting your system, hardware firewall appliances need to multitask. They do a much deeper inspection of the traffic and check for multiple attack vectors.

Bouncing back from a breach can be another slow burn – in the wallet. According to a report from Solutionary, companies are shelling out a whopping average of $3,000 per day, and as much as $6,500 per hour, to get back on track following an invasion that could have stopped by a firewall.

There are at least seven attack vectors to consider when scanning the traffic for threats: Firewall/VPN, IPS, Application Control, Web Filtering, AntiVirus, AntiSpam, and AntiMalware.  High performance firewalls like Cisco, SonicWall, Baracuda and FortiNet attempt to detect threats in real-time without affecting the end-user’s experience. They also have group management capabilities, allowing certain members, for example, to access Facebook or Twitter, while excluding others. When you’re managing a larger team, the integrity of your security system is only as good as the habits of its users. It only takes one incident by one (unsuspecting) user to infect the entire network with Malware.

Conclusion

Like every other solution in the Information Technology (IT) industry, software and hardware firewalls need to be maintained and updated because technology inherently means that nothing remains static. However, even though your computer lives in a dynamic environment under continuous attack, well-implemented firewalls can thwart break-ins on a regular basis. Always check up-to-date information about how to tweak your firewalls to stay ahead of the curve.