Three Things You Should Look For in a Firewall


We look at three things your business’ firewall absolutely must deliver to keep you covered.

As the first line of defence in your business network security, a secure firewall is one of the most important pieces of your network’s infrastructure. Without it, any hacker or intruder can access your critical and confidential information.

With more and more sophisticated threats developing every day, it can be both time-consuming and difficult to stay ahead of the curve in keeping your business protected. It takes more than just purchasing a piece of hardware, plugging it in, and calling it good.

You see, simply having a firewall in place doesn’t automatically prevent any potential problems. Think of it as a fishing net: having it in your arsenal means you have the means to catch anything that needs catching, but whilst you’re doing this, what else are you letting in through any holes?

Here are some things to look out for in your next firewall:

Application, usability and control

Today’s application developers no longer adhere to standard development methodology. As a result, more and more applications are capable of either operating on non-standard ports or, in some cases, hopping ports – think instant messaging applications, peer-to-peer file sharing, or VoIP.

Additionally, users are becoming savvy enough to force applications such as RDP and SSH to run over non-standard ports. And while developers such as Facebook and Google provide their users with rich sets of features in order to cement loyalty, those features may also represent very different risk profiles.

As a result, the concept of “once and done” traffic classification is not an option, as it ignores the fact that these commonly used applications share sessions and support multiple functions. If a different function or feature is introduced in the session, the firewall must note it within the state tables and perform a policy check.

So, in order to enforce application-specific firewall policies where ports are increasingly irrelevant, your next firewall must assume that any application can run on any port and therefore identify and control applications and their functions on all ports, all the time; continually tracking in order to understand the specific functions that each application supports, as well as the array of associated risks.
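To make the idea concrete, here is a minimal sketch of port-independent classification with a policy check each time the application or function changes within a session. It is an added example, not code from any firewall vendor or from the original article; the signatures, the `POLICY` table, the `SessionTable` class and all addresses are hypothetical and constructed for illustration.

```python
import re

# Payload signatures checked on every packet; the port is never consulted.
SIGNATURES = [
    ("ssh", re.compile(rb"^SSH-\d\.\d+-")),
    ("tls", re.compile(rb"^\x16\x03[\x00-\x04]..\x01", re.S)),  # handshake record, ClientHello
    ("rdp", re.compile(rb"^\x03\x00...\xe0", re.S)),            # TPKT + X.224 Connection Request
    ("http-post", re.compile(rb"^(POST|PUT) \S+ HTTP/1\.[01]\r\n")),
    ("http-browse", re.compile(rb"^(GET|HEAD) \S+ HTTP/1\.[01]\r\n")),
]

# Hypothetical policy keyed by application function, not by port.
POLICY = {"tls": "allow", "http-browse": "allow",
          "http-post": "deny", "ssh": "deny", "rdp": "deny"}

def classify(payload):
    """Return the application/function name for a payload, or None if unrecognised."""
    for app, sig in SIGNATURES:
        if sig.match(payload):
            return app
    return None

class SessionTable:
    def __init__(self):
        self.state = {}  # 5-tuple -> ordered list of apps/functions seen in the session

    def inspect(self, flow, payload):
        seen = self.state.setdefault(flow, [])
        app = classify(payload)
        if app and (not seen or seen[-1] != app):
            seen.append(app)  # note the new function in the state table
        current = seen[-1] if seen else "unknown"
        # Policy is re-evaluated on every packet; unknown traffic is denied.
        return current, POLICY.get(current, "deny")

def demo():
    """Run constructed sample flows through the table."""
    table = SessionTable()
    ssh_on_443 = ("10.0.0.5", 51000, "198.51.100.7", 443, "tcp")
    web = ("10.0.0.6", 51001, "198.51.100.8", 8080, "tcp")
    verdicts = [
        table.inspect(ssh_on_443, b"SSH-2.0-OpenSSH_9.6\r\n"),
        table.inspect(web, b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
        table.inspect(web, b"POST /upload HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    ]
    return verdicts, table.state[web]

if __name__ == "__main__":
    print(demo())
```

A port-based rule would have allowed the SSH flow because it uses 443, and a "once and done" classifier would have kept treating the second flow as browsing after it switched to an upload.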

A firewall such as Palo Alto Networks Next-Generation Firewall classifies all traffic, including encrypted traffic, based on application, application function, user and content. This allows you to create comprehensive, precise security policies, resulting in safe enablement of applications.

Cloud protection and integration

Most of us are well aware of the benefits of implementing cloud technologies; they enable greater agility, scalability and an ability to make your business more responsive. And while all these are fantastic tools for a business to be wielding, we often forget about the security challenges that such solutions pose.

A modern firewall must be able to identify and control cloud SaaS applications; both to protect those which are sanctioned by IT, and block those that are not. It should be able to use its knowledge of cloud apps to provide data loss prevention (DLP) to prevent sensitive data from leaving the corporate environment.

Rather than simply seeing the cloud as a threat, your next firewall should make full use of the cloud to deliver functionality at a scale not available with on-premises firewalls. Technology such as Palo Alto Networks WildFire can automatically send suspicious files or links for cloud sandboxing and analysis. By using the cloud to assess the sample’s properties, behaviours, and activities, your next firewall can utilise aggregated information to deliver additional protection whilst minimising expensive on-site deployments.

What’s more, the explosive growth of virtualisation and cloud computing introduces a constant stream of more advanced security threats that are difficult, if not nigh-on impossible, for legacy internet-edge firewalls to manage effectively. In order to protect critical business infrastructure no matter the location, your business’ next firewall needs to deploy and deliver the same functionality whether deployed as a hardware appliance, virtualised in the data centre, or deployed in IaaS environments such as Microsoft Azure, Amazon Web Services or Google Cloud.

To manage or not to manage?

An unmanaged or mismanaged firewall poses a number of threats to an organisation. Many businesses are lulled into a false sense of security, believing that the firewall, one of the most critical security measures of any business, is only allowing safe and approved traffic.

With the firewall part of the communications stream, any device failure results in a complete loss of connectivity, directly affecting the business’s ability to communicate with customers, employees, suppliers and partners. Failing to patch or upgrade firewall firmware or software regularly may make the device a target of compromise, while not performing patching regularly can cause issues with firewall performance and availability when the patches are eventually applied. Not to mention that your business is soon exposed to violations of regulatory requirements such as PCI compliance and GDPR.

The bottom line is that most businesses simply do not have staff with specialist security skills in all security areas and technologies. Keeping up to date with changes in technology requires regular training and a large team to support a 24×7 business.

So do you or don’t you?

Like all managed services, it’s about making a simple choice: do you have the skills, time and resources internally to take over the management of the firewall, or not? If you do have a security expert internally, then it makes sense to put the management of the firewall under their control, but consider whether they’ll be able to support the solution round the clock or just within the realms of the 9-5. If, however, you’re not in the business of security, then it makes sense to hand it over to someone who is.

By working with leading security partners such as Palo Alto Networks, Daisy’s Managed Firewall Service is designed to provide 24x7x365 management, monitoring, support, and alerting across devices on our supported device list from a skilled team who are just a phone call away. It also means that you mitigate risk, by transferring responsibility to a provider who deals with next generation firewalls all day, every day.

So why not give it a try?

Call us today on 0344 863 3000 for more information on how best to protect your business.
Steve Burden

About Steve Burden

Steve Burden is Product Manager for Security at Daisy Group, the UK’s leading end-to-end business communications and IT services provider.