A network firewall is a standard necessity for any small business.  Firewalls guard network connections, and they do this in several ways.  All firewalls operate on this one basic premise: they block and allow traffic based on a set of predefined rules.  More advanced firewalls perform deep scans of the traffic going in and out to catch trends…I’ll speak more on that later.  Almost all computers have network connections and are connected to a network.  If you have an Internet connection, you’re connected to the global computer network…the more dangerous of all.

Firewalls can be deployed as software or hardware with varying degrees of effectiveness. Since the release of Windows XP Service Pack 2, all computers have come with a software firewall built-in.  It is a very basic firewall and provides limited security.  Hardware based firewalls are network appliances that physically stand between your Internet connection and your network.  All routers have a basic firewall built-in and also offer limited protection.  This limited amount of protection that is essentially offered for free is worth exactly what you paid for it.

Basic firewalls are passive and very easy for attackers and malware to circumnavigate.  More advanced firewalls do much more than block and allow traffic based on a set of static rules.  They look inside the traffic going through the network connection to see just what is coming in and out.  We can liken a firewall to a door of a building.  A basic firewall is a door with a deadbolt lock.  Whoever has a key gets in.  This is a very ineffective way to guard something that has hundreds of people passing through every day.   When you have an advanced firewall, it’s like having doorman that has decades of experience in investigation and law enforcement.  They’re armed with all of the latest in technology like metal detectors and x-ray machines.  These guys see threats coming from a mile away and prevent them from getting anywhere near the building.  Who would you rather have guarding your business?

During this deep inspection of traffic, the firewall can detect trends and block traffic that it sees as malicious.  It can detect and prevent intrusion attempts by attackers.  It can block viruses from being downloaded through the Internet or in email attachments.  Spyware can also be blocked.  Usually you’ll find most advanced firewalls offer content filtering and secure remote access features.  Content filtering is a service that can block computers on your network from accessing websites based on category or domain.  If you have any remote access, it is imperative that it be secured with the proper amount of encryption.

Preventing intrusion attacks and blocking viruses from ever getting to your network enhances any security and antivirus you have already have by adding another layer to your network security plan.  Just like in the cold of winter, with network security, the more layers the better.  If something gets past one layer, it will most likely get caught by another.

Having a firewall on your computer network is a very simple and inexpensive way to be proactive with the health of your computers.  Catching a virus or other malicious program on a computer can be costly.  The repair normally has to be expedited, and you can have information stolen.  A couple months ago a client of mine caught a malware program on his computer.  It was the fake anti-virus program that attempts to convince you that your computer is infected and that you need to purchase this program to remove the infection.   It’s all a scam, and he knew this, so he called me to remove it.  Before he called me, he made some updates to his website.  His username and password were recorded and sent to the makers of the program.  They replaced his company website with one of their own, that spread the spyware to anyone who visited it.  This did not reflect well on his business when potential clients were visiting the site.  I had to call the website host to have all of his passwords changed and his webmaster had to restore a version of his website from a backup.  Then I began repairing his computer.  It was a bad infection and took an entire day to remove.  The aggravation and downtime involved with events like these greatly outweigh the cost of implementing a firewall on a network.

You can read more about the dichotomy of proaction and reaction in my April article, Downtime Costs/ Uptime Pays.

Most of us have important information on our computers.  Some is our own and some belongs to our clients.  It is our responsibility to keep this information safe.  When connecting to the Internet, we must do whatever we can to prevent this information from getting into the wrong hands.  Some of us work in industries and professions where a certain amount of protection is mandated.  If you’re in a healthcare, financial, or legal trade you know this.  Without a good firewall protecting your computers, you’re just not doing everything you can to protect your computers.  

I recommend network hardware firewalls for all my clients. They protect everything on the network from Internet threats and can even protect individual network segments from each other.  I primarily work with SonicWALL brand firewalls.  They’re perfect for small and medium sized businesses and offer very robust security at very affordable costs.

© 2010 Engler Information Technologies, Inc

Posted in Security
No Comments Yet Posted by Chris Engler