We’ve all heard the term “firewall.” In fact, it’s the firewall that’s often blamed when a user can’t do something he wants to do (like stream Pandora at the office). “It’s that darn firewall… it needs to be changed.”
But what, really, is a firewall and what is it designed to do? A firewall sits between your local computer/computer network and the internet, and acts like a gatekeeper. More specifically, it is the part of a computer system or network that enforces security policies designed to block unauthorized access to your system from the outside, while permitting communication to the internet from the inside.
Where would you find it? Is it software on your computer? Is it software on your server? Is it a piece of equipment on your network? The answer is yes … to all three. In today’s world, firewalls have evolved into a multi-tier collection of threat-detection and prevention policies, rather than a one-size-fits-all device. There are NAT firewalls, proxy firewalls, application firewalls, stateful firewalls and packet filter firewalls. Some of these are included in your internet firewall, some are included in your PC’s firewall, and some may even be included in your server’s firewall.
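To make the gatekeeper policy concrete, here is an added example (not from the original article) that contrasts a packet filter with a stateful firewall on the same three packets. It is a simplified model: the LAN range, addresses and ports are constructed, and real firewalls also track TCP state and expire idle flows.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

def stateless_decide(p, inside="192.168.1.0/24"):
    """Packet filter: judges each packet alone, by header fields only."""
    net = ipaddress.ip_network(inside)
    if ipaddress.ip_address(p.src) in net:
        return "ALLOW"                      # anything leaving is permitted
    # Inbound rule "let web replies in": source port 443 is all it can check.
    return "ALLOW" if p.sport == 443 else "BLOCK"

class StatefulFirewall:
    """Allow outbound, allow replies to tracked flows, block the rest."""
    def __init__(self, inside="192.168.1.0/24"):   # constructed LAN range
        self.net = ipaddress.ip_network(inside)
        self.flows = set()                  # connections opened from inside

    def decide(self, p):
        src_in = ipaddress.ip_address(p.src) in self.net
        dst_in = ipaddress.ip_address(p.dst) in self.net
        if src_in and not dst_in:
            self.flows.add((p.proto, p.src, p.sport, p.dst, p.dport))
            return "ALLOW outbound"
        if dst_in and not src_in:
            # A reply is the exact mirror image of a recorded outbound flow.
            if (p.proto, p.dst, p.dport, p.src, p.sport) in self.flows:
                return "ALLOW reply"
            return "BLOCK unsolicited"
        return "NOT ROUTED"                 # does not cross the firewall

if __name__ == "__main__":
    fw = StatefulFirewall()
    traffic = [                             # constructed sample packets
        Packet("198.51.100.7", 443, "192.168.1.20", 3389),   # unsolicited
        Packet("192.168.1.20", 50000, "203.0.113.10", 443),  # user browses
        Packet("203.0.113.10", 443, "192.168.1.20", 50000),  # server reply
    ]
    for p in traffic:
        print(f"{p.src}:{p.sport} -> {p.dst}:{p.dport}  "
              f"filter={stateless_decide(p)}  stateful={fw.decide(p)}")
```

The packet filter admits the first packet because it only sees a permitted source port, while the stateful firewall blocks it because nothing inside ever opened that connection.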
Is a firewall all I need to protect my systems from identity theft, spyware, and hacking? No. But it is an essential part of the protocol and typically the first line of technical defense against an enemy that is always ready to spring. Here are a couple of facts that amplify that point:
- A typical unprotected PC will come under attack within 20 minutes of being connected to the internet, according to the Internet Storm Center.
- There were 761 unique cyber breaches during just the past year that led to theft or compromise of 83,176,279 individual records, according to the Identity Theft Resource Center.
So you can see why your defensive strategy should involve a multi-tier approach that, in addition to the firewall, should include, at a minimum, anti-virus software, anti-malware software, and user awareness training. And not all firewalls are the same. Make sure to get a business-class firewall for your business, as opposed to a home-grade device. These firewalls have more features, including Stateful Packet Inspection, Network Address Translation, Secure Remote Access, Intrusion Prevention, Gateway Anti-Virus and Gateway Anti-Spyware, as well as the dreaded Content Filtering, which prevents users from accessing websites that are restricted by company policy (no, you can’t check your fantasy football league standings at work). They also have the horsepower to ensure that internet access is not slowed by all the protection activities the firewall is performing in real time.
Some other reasons to use firewalls:
- They can provide internet usage reports that show where your traffic is coming from and going to, as well as what your users are doing.
- They can prevent specific traffic, like streaming music, and can limit bandwidth used by certain applications.
- They can help remote users connect to the network securely.
Implementing a multi-tier firewall policy can have many positive effects on a computer network. Besides the obvious – protecting data – computers will run more efficiently, user productivity will improve (because users can’t access unauthorized websites), and internet bandwidth won’t be consumed by inappropriate use or traffic caused by spyware, which slows everyone down.
It’s important to note, however, that firewalls are not something you pull out of the box and slap into the network. It takes experience and expertise to specify and configure firewalls to meet an organization’s needs, but the effort will produce significant returns.