What Is a Firewall? Why does my business need one?

A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.

Firewalls have been a first line of defence in network security for over 25 years. They establish a barrier between secured, controlled internal networks that can be trusted and untrusted outside networks, such as the Internet.

A firewall can be hardware, software, or both.

In this age of global connectivity, protecting your business’s assets and data is more important than ever. Almost all businesses are connected to the Internet for a wide variety of services. These include email, search, social media, and cloud storage. While much of this traffic is outbound, the fact is that the same Internet connection also allows inbound traffic. That is where having a strong hardware- or software-based firewall comes into play. You can use it to protect your business network from unauthorized access.


Here are the top five reasons why your business needs a strong firewall:

1. A Firewall Is Your First Line of Defence against Hackers and Other Unauthorised External Users

A firewall acts as a barrier, or shield, between your internal business network and the rest of the Internet. Without a firewall, it is possible for external users to access your private business assets. While many organisations use Network Address Translation (NAT) to bridge internal and external IP addresses, NAT will not block incoming traffic. Only a firewall can do that. Without a firewall, your organisation’s assets and data are at risk.

2. A Firewall Lets You Block Access to Unapproved Websites

In addition to stopping unauthorised external users from accessing your network, a firewall can stop your users from accessing specific external websites. For instance, you could set up a policy that blocks access to social media sites like Facebook from your network.

3. A Firewall Can Protect Your Business from Malicious Code

Some strong firewalls will inspect the traffic going into and out of your network. They look for and block viruses, worms, spam, and other unwanted Internet traffic. They will also log intrusion attempts as well as other violations of business policies. This enables you to examine unauthorised access attempts and other suspicious activity.

Many of these strong firewalls will also let you maintain a list of known malicious applications and known good applications. They will block the malicious applications, while enabling the good ones.

4. You Can Use a Firewall to Meter Bandwidth

A firewall can do more than just provide security. You can also use it to meter and limit the network bandwidth flowing through it. For example, you can limit the network bandwidth allowed for things like non-business videos, music, and images, thereby reserving bandwidth for higher priority business traffic.

5. You Can Use a Firewall to Provide VPN Services

Many firewalls provide site-to-site connectivity through Virtual Private Network (VPN) services. Through this VPN functionality, mobile device users and users at remote sites can securely access your internal network resources. This enhances productivity, collaboration, and data sharing.

Types:

Proxy firewall

An early type of firewall device, a proxy firewall serves as the gateway from one network to another for a specific application. Proxy servers can provide additional functionality such as content caching and security by preventing direct connections from outside the network. However, this also may impact throughput capabilities and the applications they can support.

Stateful inspection firewall

Now thought of as a “traditional” firewall, a stateful inspection firewall allows or blocks traffic based on state, port, and protocol. It monitors all activity from the opening of a connection until it is closed. Filtering decisions are made based on both administrator-defined rules and context, which refers to using information from previous connections and packets belonging to the same connection.
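A simplified model of the stateful inspection described above, as an added example that is not part of the original article: a TCP-only connection table in which only a rule-permitted outbound SYN creates state, and every later packet is judged against that state until the connection closes. The class, the allowed-port rule and the addresses are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str      # TCP flags: "S", "SA", "A", "FA", "R"
    inbound: bool   # True when arriving from the untrusted network

class StatefulFirewall:
    def __init__(self, allowed_out_ports):
        self.allowed = set(allowed_out_ports)  # administrator-defined rule
        self.conns = {}                        # connection table: key -> state

    @staticmethod
    def _key(p):
        # Both directions of one connection map to the same table entry.
        return (p.dst, p.dport, p.src, p.sport) if p.inbound else (p.src, p.sport, p.dst, p.dport)

    def filter(self, p):
        key = self._key(p)
        state = self.conns.get(key)
        if state is None:
            # No context: only a rule-permitted outbound SYN may create state.
            if not p.inbound and p.flags == "S" and p.dport in self.allowed:
                self.conns[key] = {"phase": "SYN_SENT", "fins": set()}
                return "ALLOW"
            return "DROP"
        if "R" in p.flags:                     # a reset closes the connection
            del self.conns[key]
            return "ALLOW"
        if state["phase"] == "SYN_SENT":
            if p.inbound and p.flags == "SA":
                state["phase"] = "ESTABLISHED"
                return "ALLOW"
            return "ALLOW" if (not p.inbound and p.flags == "S") else "DROP"
        if "S" in p.flags:                     # SYN inside a live connection is out of state
            return "DROP"
        if "F" in p.flags:
            state["fins"].add(p.inbound)       # remember which side has closed
        elif len(state["fins"]) == 2:          # final ACK after both FINs: forget the flow
            del self.conns[key]
        return "ALLOW"

def demo():
    fw = StatefulFirewall({80, 443})
    c, s = ("10.0.0.5", 50000), ("203.0.113.10", 443)   # constructed addresses
    out = lambda f: Packet(*c, *s, f, False)
    inn = lambda f: Packet(*s, *c, f, True)
    trace = [inn("SA"), out("S"), inn("SA"), out("A"), inn("A"),
             out("FA"), inn("FA"), out("A"), inn("A"),
             Packet("198.51.100.7", 4444, "10.0.0.5", 22, "S", True)]
    return [fw.filter(p) for p in trace]
```

The same inbound SYN-ACK is dropped before the outbound SYN and allowed after it, which is the "context" a stateless port filter does not have.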

Unified threat management (UTM) firewall

A UTM device typically combines, in a loosely coupled way, the functions of a stateful inspection firewall with intrusion prevention and antivirus. It may also include additional services and often cloud management. UTMs focus on simplicity and ease of use.

Next-generation firewall (NGFW)

Firewalls have evolved beyond simple packet filtering and stateful inspection. Most companies are deploying next-generation firewalls to block modern threats such as advanced malware and application-layer attacks.

According to Gartner, Inc.’s definition, a next-generation firewall must include:

  • Standard firewall capabilities like stateful inspection
  • Integrated intrusion prevention
  • Application awareness and control to see and block risky apps
  • Upgrade paths to include future information feeds
  • Techniques to address evolving security threats

While these capabilities are increasingly becoming the standard for most companies, NGFWs can do more.

Threat-focused NGFW

These firewalls include all the capabilities of a traditional NGFW and also provide advanced threat detection and remediation. With a threat-focused NGFW you can:

  • Know which assets are most at risk with complete context awareness
  • Quickly react to attacks with intelligent security automation that sets policies and hardens your defences dynamically
  • Better detect evasive or suspicious activity with network and endpoint event correlation
  • Greatly decrease the time from detection to cleanup with retrospective security that continuously monitors for suspicious activity and behavior even after initial inspection
  • Ease administration and reduce complexity with unified policies that protect across the entire attack continuum
