Your Practical Guide to Firewalls - their benefits and limitations
Firewalls are widely available and getting one set up on your network is easy, but it’s worth discussing:
- What a firewall is
- How it works
- The advantages of using one
- What it cannot do
So, what is a Firewall?
Having a firewall is like having a shield or barrier around your company’s IT network. It can help protect you and your users from malicious content by denying entry to your network.
But with so much content on the internet, how does it know what to let in and what to reject? The answer lies in things called packets. These process the website traffic that wants to make its way into your network.
When the packet reaches your firewall, the firewall will then make a decision. If it thinks the data in the packet is safe, it will let it into your network. If it thinks the data is harmful, it will reject it.
Many devices have a built-in firewall that works this way. This is called a hardware firewall.
For extra safety, you can install an additional firewall using a third-party application. Another name for this is a software firewall. It can monitor the traffic that is going out and whitelist any sites that are known to be dangerous.
How does a Firewall Work?
As we mentioned, there are two kinds of firewall: hardware and software. A hardware firewall is a physical appliance in your communications rack which all your internet traffic routes through and monitors incoming and outgoing web traffic. A software firewall is installed on servers, appliances and desktops and helps to monitor incoming and outgoing web traffic.
They work differently but serve the same purpose: to protect your network and keep your users safe from malicious activity.
There are lots of public lists that can be cross checked by your firewall to ensure harmful websites are blocked. The firewall can also pick up on inbound virus, crypto lockers and other nasty web elements you want to keep out.
Most devices come with a hardware firewall built-in, so there is little setup required and they are easy to get on all devices in your network.
Software firewalls usually must be installed with a third-party application, meaning some manual setup will be needed. You will also have to get licensing to cover all the devices that the software is installed on.
Once you have a firewall setup, there are lots of configurations you can deploy. You can arrange for it to monitor and block traffic based on several criteria, including:
- IP address. This is a unique 32-bit number that is assigned to every web address. The 32-bit number is presented as four ‘octets’ in a ‘dotted decimal number’, like this: ‘216.28.62.138’.
- Content filtering. Block/whitelist certain categories of websites based on organisational policies ie blocking social media websites
- Domain name. Perhaps the easiest way of identifying a website. Ours is www.optimity.co.uk.
- Protocols. How someone accesses an online service. The protocol for a web browser would be ‘https’.
- Ports. Server machines make services available to web users with numbered ports. You would usually find a web server on port 80.
- Words and phrases. If you don’t want your users visiting a site with a particular word or phrase on it, you can set up your firewall to work this way.
- Behaviours and changes. To help detect behavioural changes and secure the network, such as hacking attacks, or large data removal across the web.
The Advantages of a Firewall
You can prevent unauthorised remote access
Imagine this: you are sitting at your computer or tablet, and you see the cursor moving on-screen, but you aren’t moving your mouse. Somebody is using your device remotely. Unauthorised remote access means you are no longer in control, and the person who has accessed your device could get hold of any information they want. Firewalls can help prevent this from happening.
You can test lots of configurations
There are so many ways you can set up a firewall in order to protect your network. Your IT support provider will be able to help you determine what the most effective methods will be.
One of these methods might be to temporarily block access to everything. Although this may seem time-consuming, you will be able to work out what access is essential for your users. You can then allow or deny access to non-essential sites on a case-by-case basis.
You can combine hardware and software firewalls for ultimate resilience
Most devices come with a hardware firewall by default, which can offer protection against incoming traffic. When you install a software firewall, you will also be getting protection from outgoing traffic and a whitelist of known dangerous activity.
For extra protection, you should equip all of your devices with a software firewall. That way, you can reduce the spread of malicious content between your network users.
Firewalls are great for all the reasons we have mentioned here, but they are not always enough on their own. Sometimes, extra software and human initiative is needed to provide maximum safety.
What a Firewall can’t do
Firewalls cannot always block a social engineering or spoofing attack. For these, a hacker will imitate a legitimate company online in order to trick you into doing something you shouldn’t. Because they look real, they may slip past a firewall unnoticed. Email scanning software can help to prevent this though.
Firewalls won’t always prevent malware, viruses and worms from entering your network either. For this, you need an antivirus software programme. In the event of something getting past your network, your antivirus will be able to deal with it.
While all of this should help keep you well protected, it can never hurt to use your own knowledge of cybersecurity best practices and educate employees about this. Your employees need to have a good knowledge of these because statistically speaking they are your biggest (albeit unintentional) threat.
Things you can all be doing include:
- Regularly updating software. A lot of software will update itself automatically, but it is always worth ensuring that this is the case. It is essential for avoiding glitches and bugs.
- Using strong passwords. Make these as hard as possible for cybercriminals to guess, and do not share them with anyone. Even the people you trust.
- Being aware of spoofing attacks. This is when an email or website or email sender appears to look legitimate but is malicious. Keep a careful eye on domains, sender information, attachments and content, and don’t do anything you feel unsure about.
Protect Your Network With a Firewall
Hardware and software firewalls are both designed to protect your network from malicious activity. Most devices come with a hardware firewall built-in, which monitors incoming traffic. A software firewall has to be installed and licenced for each device and can monitor outgoing traffic.
Firewalls can monitor and prevent access to websites based on lots of factors, including:
- IP addresses
- Domains
- Protocols
- Ports
- Words and phrases
And with a firewall, you can:
- Protect your network from unauthorised remote access
- Trial lots of configurations
- Combine a hardware and software firewall for ultimate resilience
But firewalls cannot do everything by themselves. That is why your employees need to have a good knowledge of cybersecurity best practices, and you should combine your hardware and software firewalls with an antivirus programme.
To learn more about firewalls and what is available for your network, contact us for a managed networks quote. We can help you determine what kind of protection your business needs.