A firewall is a critical part of your IT infrastructure, but not all of them are created equal. How can you ensure that your IT security is of the highest standard?
Firewalls act as the first line of defense for your business – the equivalent of a fence around your business that stops intruders before they get to the front door. However, like fences, when it comes to firewalls you have a lot of options but not all will give you the same level of protection. Many SMEs inadvertently buy the equivalent of a 3ft picket fence and think that this will keep their business protected from intruders. Whilst you don’t need an expensive, enterprise-level firewall, you do need a type of firewall that comprehensively protects your business and only lets in what you decide.
Not sure if you need a firewall? Read our article: I Have Anti-Virus. Do I Need a Firewall As Well?
Correct deployment and set-up is critical for any firewall to work correctly. Modern firewalls are complex. Whereas an entry level firewall used to have a few settings, even minimum grade firewalls could have hundreds of potential features that you need to manage correctly.
Unless you have an in-house IT expert with significant experience of firewalls, it is recommended that you employ an IT company to deploy your firewall and ensure that it has been set up correctly.
Automated/ Centrally Managed Updates
Cybercriminals and IT security products are in constant competition. Cybercriminals constantly change their approach to evade detection, which security products constantly update themselves in response to these new attacks.
If your firewall relies on any kind of manual process for updates then you will constantly be vulnerable to cybercriminals, as your system will not have the latest threat signatures. Your firewall needs to automatically update itself to remain secure.
If you are using an IT Support company, instant remote access into your firewall is critical. If there is an issue with your firewall, you cannot afford to wait until someone comes on-site to take a look at it. Your IT Support company needs to have instant remote access and remotely make changes to the firewall’s set-up.
Customisable Policies That Can Be Centrally Managed
Not every business is the same and not every department within your company needs the same type of access. For example, for most companies we recommend disabling access to gambling sites. However, if a gambling company is one of your clients then your staff may legitimately need access to their online presence. Equally, viewing Facebook during work could be a disciplinary offence for your Receptionist but necessary for your Marketing Manager.
This is why customisation is so important for a firewall. You need to be able to determine on a company and a granular level what your staff do and don’t have access to. Preset restrictions will either be too lenient or too prescriptive.
Equally, you need to be able to make those policy changes quickly, in response to business needs or to wider IT threats. If using an IT Support company, make sure that they can push policy changes remotely in order to avoid business delays or disruption.
Multi-Packet, Deep Packet Inspection
Did you know that many firewalls will let incoming and outgoing network traffic through your IT environment without checking it?
Imagine your firewall as the equivalent of an entrance gate, with a queue of cars and lorries waiting to enter through just one entrance. When a queue starts to build up, the security guards decide to start waving the lorries through and only searching the cars, to save time. Hiding within one of the lorries is a team of thieves who jump out once they get past the gate.
A firewall has to balance two things – thoroughness and speed. If it operates ‘one item at a time’ packet filters, then when traffic increases it has to start letting in larger files unchecked or it will slow your business operations down too much.
In contrast, next generation firewalls with multi-packet inspection opens multiple ‘traffic lanes’, meaning that it can inspect multiple files at the same time. This dramatically increases the speed at which traffic can be processed and means that it can scan every incoming item without affecting your system speed.
Deep packet inspection is also important. Many firewalls will just look at the file title – the equivalent of searching a car but not bothering to open the boot. Deep packet inspection take a thorough look at the whole file, meaning that it can spot threats which have been hidden deep within the file to try and disguise them.
Bandwidth Restrictions and Internet Speed
As said above, all firewalls need to balance thoroughness and speed. Your firewall needs to be able to manage your current IT system’s bandwidth without compromising on your speed of operations.
This means that you need a firewall with either high bandwidth capability or no bandwidth restrictions (i.e. one that uses multi-packet inspection).
You also need to examine its claims about internet speed and understand to what extent your firewall lives up to them ‘in the wild’. For example, have you ever bought personal internet “with speeds up to x” and then found that the only time you can actually achieve those speeds is 4am – 4:05am on a Tuesday? You need to understand not only the claims that the firewall provider is making, but also the technology behind the claims that makes them achievable or otherwise which you connect to the internet in real life.
Industry Awards and Recommendations
Whilst industry awards aren’t the only metric you should use, they can often be a good indication of industry reputation.
For example, the solutions provider that eXpd8 partners with has won a Gartner Customer Choice Award, ‘Security Solutions Vendor of the Year’ at an SMB conference and is NSS Security Labs recommended, amongst many other awards. This shows that it has industry-wide quality recognition.
How Should I Choose a Firewall?
When looking at how to choose a firewall, there are a number of things you need to consider:
- Your firewall is deployed and managed correctly. Use an IT provider if you do not have an in-house expert.
- It is automatically updated and that policy changes or fixes can be completed instantly without needing someone onsite.
- It is a thorough solution that inspects every piece of traffic coming into your system on a meaningful level.
- It does not affect your system speed.
- It has a good industry reputation.
If you have covered these five key points then your business’s first line of IT defence should remain strong now and in the future.
What Should You Look for in a Firewall?
Two aspects – the core functionality of the product and how it interacts with your IT Manager/ IT Managed Services Provider
- Multi-packet so that it doesn’t skip anything including larger files
- Deep packet inspection
- High bandwidth/ no bandwidth restrictions
- Internet speed
- Industry reviews/ recommendations
- Interacts with your IT Manager/ IT Managed Services Provider:
- Key point – a firewall needs managed and updated. If you put it in and just leave it there, it risks getting out of date
- Automatic deployment of updates
- Instant access by your IT provider/ pushing of policies
- Customisable policies that block/ allow the sites that you want it to