Cyber Security Tip of the Month: Using Firewalls to Help Secure Data
Firewalls are an important element of a multi-layered security approach. A firewall is a network security device that helps protect your network by filtering traffic. If your network were a venue the firewall would be the bouncer at the door that decides who gets in and who gets out. Firewalls help secure sensitive data and prevent data loss while protecting the network from viruses, malware and cybercriminals. There are several different types of firewalls, finding one that suits your business depends on your needs.
What is a Firewall?
Firewalls can be software based or hardware based. While there are pros and cons to both, a robust security approach should include both. Software firewalls are installed on individual devices and can distinguish between different programs on a computer therefore having the ability to allow data to flow to one program while blocking another. Software firewalls can be expensive since they must be installed, maintained and updated by an administrator. Hardware firewalls are physical appliances that sit between a private network or local area networks (LAN) and the Internet. The firewall inspects both inbound and outbound traffic allowing and denying packets based on preestablished security policies and access control list.
Outside of whether they’re software based or a hardware appliance, firewalls can also be differentiated based on what level of the Open Systems Interconnection Model or OSI Model they operate on. A layer 7 firewall is a type of firewall that operates on Application layer of the OSI model. Instead of filtering traffic based on IP addresses Layer 7 firewalls can investigate the contents of data packets to find malware or other threats. Network firewalls or layer 3 firewalls operate on the Network layer of the OSI model. Network layer firewalls monitor and filter traffic using IP address and port addresses. Network firewalls are unable of inspecting the contents of a packet. A web application firewall (WAF) is an application firewall for HTTP applications. Rules on these firewalls usually cover attacks like Cross-site Scripting (XSS) and SQL injection.
Next Generation Firewall
A Next Generation Firewall (NGF) can be seen as a combination of a few different firewalls that addresses some of the vulnerabilities in traditional network firewalls and application firewalls. In addition to common features like stateful inspections Next Generation Firewalls are also capable of integrated intrusion prevention, blocking suspicious apps and URL filtering. Unlike traditional firewalls a next-generation firewall is capable of deep packet inspection or DPI. With DPI the firewall can evaluate the packet and based on predefined rules weed out spam and virus and block them from the network. Based on the rules the administrator sets Next Generation Firewalls can locate, detect, categorize, block and reroute packets based on specific code or data payloads. Deep packet inspection can also check the content to determine the packet’s origin such as the service or application it was sent from.
Even though firewalls will not prevent 100% of cybersecurity attacks, having one in place is still a crucial component of a multi-layered security approach.
Need help with your business network and cyber security? Contact Us today!
Want more tips? Subscribe to our weekly cyber security tips. Each week we'll send an quick and easy cyber security tip to your inbox.
