If your operating system has a firewall, nothing can penetrate it, and you can stop worrying about cyber attacks. Right?
Unfortunately, no. Nothing is 100% foolproof, not even a firewall. However, firewalls have been part of the front line of defense against unwanted intrusions for more than 25 years. Today’s options are far more sophisticated in design to reflect the growing threats from cyber criminals. The importance of a firewall cannot be overstated. Firewalls do a great deal to protect a network and its infrastructure, so it should be viewed as a critical part of network security.
Bear in mind, however, that hackers are extremely resourceful and resilient, and are always looking for ways to penetrate systems and steal valuable information. Even with the strongest firewall protection, it is imperative to factor in the reality that around 90% of all attacks on a network system originate with human error (an employee inadvertently clicks on a malicious email, for example). So the strongest firewall and network is only as good as its weakest link. Said differently, employee training is also a critical component of protecting your network and infrastructure.
What is a firewall, exactly?
Think of the firewall as the “first line of defense” against cyber criminals.
Antivirus software provider Norton characterizes a firewall as a “traffic controller,” stating, “It helps protect your network and information by managing your network traffic. This includes blocking unsolicited incoming network traffic and validating access by assessing network traffic for anything malicious.”
The firewall is further defined as a security system with the objective of preventing unauthorized access into – or out of – a computer network.
It monitors incoming and outgoing traffic and “decides” whether to allow or block traffic based on security rules established by you, as owner of the business, often with the input and support of your network administrator and/or Managed Services Provider (MSP).
Many operating systems do come with some type pre-installed firewall, which can provide a level of protection, assuming that the appropriate security features are turned on and working and are configured to run and install updates automatically.
A firewall can be comprised of hardware (with specialized software installed on it), software (a program on the computers which works through port numbers and applications), or cloud-based (or a combination of several). What type is right for a business depends on the needs of the business. What a corporation with 200 employees and workstations may need might be different from a hybrid office environment with three on-site and fifteen remote employees.
What are some types of firewalls?
Verizon lists the most common types of firewalls as:
- Packet filtering firewall, which checks data packets based on predefined parameters. They cite the disadvantages as being difficult to configure and not providing detailed incident logs about the contents of the packets.
- State-full firewall, which tracks network connections and their attributes, like IP addresses, and filters incoming and outgoing packets over time, storing and evaluating cumulative data to improve filtering decisions.
- Web application firewall (WAF), working with web servers hosting websites or applications, and which typically applies a set of rules to HTTP communication that counter the most frequent types of attacks.
- Next-generation firewall, scanning scan packets from applications and having the ability to identify and block malware from getting into the network
Why does a business need a firewall?
Any business which uses the Internet (which is at or near 100% of all business today) should have a firewall in place to help protect against cyber threats.
Without a firewall, your network essentially allows every attempted connection into the network, potentially leaving your system vulnerable to malicious users.
A Norton report puts it even more somberly, saying that without a firewall the company devices are unprotected, potentially allowing someone to gain control over the network. This could result in a cyber criminal operating your computer remotely and sifting through valuable company data. And without a firewall, an attacker can shut down the network. We all understand the inconvenience of “down time” and usually measure it in minutes. Imagine it going on for hours or days. A firewall also gives you greater control – not only over what comes into your network, but what you allow employees to access from within.
Firewall protection is (or should be) an important part of your network protection. Whether you have a simple question about how to configure what you may already have in place, or would like to learn more about what is the best firewall protection for your organization, contact us here or give us a call at (888) 357-4277.