WHAT IS A FIREWALL?
A firewall is a networking device designed to sit at the forefront of a network to control and monitor the connections both to and from the internet. Modern firewalls incorporate many features and technologies to provide a range of defenses and services that not only protect the network but allow for greater functionality and connectivity options.
WHY IMPLEMENT A FIREWALL & GATEWAY APPLIANCE?
Firewalls are now considered to be a standard requirement for any business running a network with internet connectivity. Firewall use has even extended to internal networks used to segregate specific segments and control internal access requests.
Older firewalls were considered to be primarily network layer devices that simply controlled connections between device on an address and port level but modern firewalls have far exceeded that functionality.
By operating at the top layer of the OSI model, modern firewalls are able to perform application layer filtering allowing for a massive degree of control and functionality.
Most modern firewalls incorporate advanced technologies and even integrate to cloud based systems to provide a wide range of service and connectivity options such as the following:
- Web filtering solutions
- Mail filtering solutions
- Advanced application awareness
- IPS/IDS defenses
- Inline AntiVirus Scanning
- Site to Site VPN connectivity
- Mobile user VPN connectivity
- SDWAN capability
- Advanced Logging and Reporting Functionality
- Traffic management features
- Authentication Services
- And many more
Modern firewalls are advanced networking devices allowing for many NAT related features. This means they can host a range of public IP addresses and then pass connections through to services hosted on internal servers.
As these connections are passed through the firewalls scanning engines, connections can be analysed for such things as malicious attacks, malware or even APT associated behaviour. Connections can also be load balanced between multiple targets and all can be integrated with either vendor-provided or third party logging and reporting solutions to assist with business analytics and other information gathering.
Firewalls allow for a range of VPN related services. Virtual Private Networks (VPN) allow multiple locations to be connected as if they are local to each other. In a business setting this means a company spread across several geographic locations can share and utilise resources across all locations as if they were located in the same office.
This extends to remote workers allowing people to work “on the road” or at home but still act as a host on the internal company network. This is all achieved using a high level of encryption and authentication to ensure all data transmitted is safe from prying eyes.
Web filtering can protect your users from compromised sites, downloading malware, wasting time on social media and even block access to undesirable locations such as adult sites or sites with hate or racist themes. All web browsing can be logged and reported to allow for greater management of human resources and to allow for analytics such as bandwidth usage or amount of time spent browsing.
Mail filtering can help to stop SPAM emails as well as a range of malware transmitted via email. With proper email filtering, defences can also be added to mitigate phishing attacks which are considered to be a major risks to modern networks.
Both filtering types can be substantially enhanced when combined with other advanced features such as AntiVirus, Traffic Management and Data Loss Prevention services. This allows a network administrator to truly understand and control the movement of data in and out of the network, allowing for increased security, cost management and a more stable working environment.
A comprehensive firewall configuration can include advanced features, many are vendor specific so the choice of firewall platform means the options available can vary. Some firewalls allow for connections to 3rd party services to utilise extra functionality and can include things like:
- DNS filtering based on threat intelligence feeds
- Plugins to client software than can report on desktop behaviour
- Additional Sandbox scanning for modern APT threats
- WAF functionality
- WiFi connectivity and control systems
- Client-less VPN portals
Whatever your connectivity needs a firewall is definitely a required piece of technology in the modern security landscape. Precursor Security can not only advise on the best solution to fit your needs but also provide comprehensive services around the device including installation, configuration and training to ensure you not only have the highest level of protection but also you feel confident in using your product moving forwards.
For businesses that wish for a more hands free system we can offer a range of support and management options to reduce your day to day interactions with your firewall appliance and allow us to apply our expertise to ensure you get the most out of your purchase.