When a layperson is asked about cybersecurity, “firewall” is likely to be one of the first phrases that come to their mind. You might well be one of these people. But do you actually understand what a firewall does and how it protects your device and company network?
That’s exactly what we’ll be going through in today’s blog post. While this topic might seem pretty complex and confusing at first glance, we’ve done our best to break down this topic so that anyone can understand the basics of why having a good firewall should be an important part of a good IT strategy. So read on to discover what exactly a firewall is, how it works and what kind of a product is best for you and your organisation.
What is a firewall?
Simply put, a firewall is a piece of software or hardware that acts as a gatekeeper for all the data coming in and out of your organisation.
The way computers communicate across the internet is through small “packets” of code. Your firewall inspects these code packets against a set of pre-established rules to evaluate whether letting it pass poses a security threat to your device or wider network. In this way, it protects your organisation from cyber attacks by acting as a kind of bouncer for access to your data and resources. It does this by managing and controlling your network traffic and recording and reporting on activity.
Managing and controlling your network traffic means that you can have more confidence over the data that comes in and leaves your organisation. You can set any number of your own rules to block specific domain names, protocols, IP addresses and so on, though your firewall will likely come with some pre-configured rules as well to make sure you have protection from day one.
The recording and reporting of your network traffic is an invaluable resource if you do ever find your organisation under threat of a cyber attack. This is because having a log of all the data coming in and leaving your organisation’s network can help you locate the weak spot where the leak took place.
Why does my organisation need one?
The benefits of having a firewall to protect your company devices are so various that really, we can’t recommend going without one. If you do this, you’re basically leaving your front door open to the entire internet and anyone can get in. When you use a firewall, your IT department can set rules for packet filtering so that only specific ports can transmit and receive data from outside the organisation.
This lets you tailor your security protocols to meet the needs of your organisation and even provide different levels of access to specific people in your organisation. You could even limit your employees’ access to certain websites to make sure they’re not spending time on something like social media platforms while on the clock.
More importantly, though, your firewall helps protect the information in your network from data breaches. Based on the rules you set for it, your firewall will give access to information coming through things like email and web browsers, while inspecting the data that comes from ports not specified by your set rules.
It estimates the risk that a data packet like this poses by scanning its title and comparing it against rules it has for data coming from unknown ports. This is a strict process, and a lot of data coming from unknown ports will be discarded.
However, we should point out that a firewall is not a complete IT security solution for your organisation. It offers good protection from human intruders to your systems, but they can’t protect you from many common forms cybercrime, such as viruses. This means that your data could still be compromised if, for example, one of your employees clicks on a link in a phishing email.
This is why you need to supplement your firewall with additional in your cybersecurity strategy, such as cybersecurity awareness training, anti-malware software, frequent data backups and file encryption.
Different types of firewalls
There are many different types of firewalls and what is right for you depends on what your priorities are. The two most common types of firewall are host-based and network-based. In short, a host-based firewall is installed onto individual servers, while a network-based firewall is a virtual, often cloud-based service.
The good thing about host-based firewalls is that they’re highly customisable to each device and protect your organisation’s devices wherever your employees go. Meanwhile, network-based firewalls are easier to scale up to protect your entire network as it grows. They’re also better-equipped to stop hackers from gaining administrator access and turning off your firewall in order to install damaging code on your devices.
This means that at the end of the day, a network-based firewall offers more sophisticated and comprehensive protection. However, this level of protection isn’t always necessary. For SME’s with fewer devices, a host-based firewall installed on individual endpoints will likely be enough, while larger organisations will benefit from the more advanced security and scalability provided by network-based firewalls.
What should I look for in my firewall?
This depends on what kind of protection you need from it, as the differences between host-based and network-based firewalls we went over demonstrate. A firewall is important for all devices that connect to the internet and have access to your company data, but especially so for employees who work remotely, as connecting to public wifi in a place like a cafe exposes your computer networks to more external risks.
To protect your organisation’s endpoints and data wherever your employees go, you’ll need to make sure their devices have adequate host-based firewall software installed. You can use your organisation’s asset register to help you keep track of where updates like this are needed. Meanwhile, for larger organisations, relying on host-based firewalls can easily become less cost-effective and need more attention from the IT department than a virtual, cloud-based service would require.
Ideally, you’d have access to both types of firewall, giving you the most protection possible. Many of our clients use and find value in firewall solutions provided by SonicWall, a company that provides a wide variety of cloud-based network security solutions. For those who need an added layer of security for their individual devices, they also offer a content-filtering service as an add-on to their packages, allowing you to remotely limit access to potentially harmful web content.