Mar 3, 2024

Firewall Protection: The Basics in 5 Concise Points

Firewall protection is among the most basic concepts in cybersecurity. Long before Hillstone Networks was dealing with things like zero trust network access (ZTNA) and network detection and response (NDR), hardware and software firewalls were a proven defense mechanism against all sorts of external attacks. How much does your security team know about firewall protection?

The Hillstone team is fully committed to the principle that every organization utilizing computer networks in any fashion should have firewalls in place. If you are not sure why, perhaps some research into what firewalls are and what they do is in order. In the meantime, we have put together the basics of firewall protection in five concise points.

1. The First Line of Defense

A firewall is effectively a shield standing between your organization’s network and the rest of the internet. Given that the origin of most cyber-attacks is external, having as many barriers as possible in the way makes launching an attack against your organization more difficult. Think of a firewall as a roadblock. Think of it as your organization’s first line of defense against external threats.

Just as in a military setting, that first line of defense will not stop everything. But it does weed out less serious threats while slowing down their more serious counterparts. The stronger an organization’s firewall protection, the fewer the number of external attacks that get deeper into a network.

2. Both Hardware and Software Firewalls

Organizations have different needs when it comes to firewall protection. As such, they can choose between hardware and software firewalls. Some organizations use both. A hardware firewall is a physical device deployed between a network and the internet. It filters traffic in both directions.

A software firewall is installed on a targeted device. This could be a server or even a single computer utilized by one individual. A software firewall is considered a secondary layer of protection capable of filtering traffic at the OS level.

3. Security Through Access Control Lists

A firewall’s primary means of security is something known as an access control list (ACL). An ACL is essentially a set of rules for blocking or allowing traffic based on predetermined criteria. ACLs typically invoke rules based on IP addresses, port numbers, and communication protocols.

It is also important to note that ACLs are rarely static. They are continually analyzed and updated to maintain maximum protection.
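
The rule matching and ongoing ACL review described above, as an added Python example that is not Hillstone code: it evaluates a packet against an ACL and flags rules that can never fire because an earlier rule already covers them. First-match ordering, the default-deny fallback, the `Rule` fields and the sample addresses are assumptions made for this example.

```python
import ipaddress
from dataclasses import dataclass

ALL_PORTS = range(0, 65536)

@dataclass(frozen=True)
class Rule:
    action: str   # "allow" or "deny"
    proto: str    # "tcp", "udp" or "any"
    src: str      # source network in CIDR form
    ports: range  # destination ports the rule applies to

    def matches(self, proto, src_ip, dport):
        return (self.proto in ("any", proto)
                and ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
                and dport in self.ports)

    def covers(self, other):
        """True when every packet `other` matches is also matched by this rule."""
        mine, theirs = ipaddress.ip_network(self.src), ipaddress.ip_network(other.src)
        return (self.proto in ("any", other.proto)
                and mine.version == theirs.version and theirs.subnet_of(mine)
                and self.ports.start <= other.ports.start
                and other.ports.stop <= self.ports.stop)

def evaluate(acl, proto, src_ip, dport):
    """First matching rule decides; no match falls through to deny (assumed)."""
    for rule in acl:
        if rule.matches(proto, src_ip, dport):
            return rule.action
    return "deny"

def shadowed(acl):
    """(index, index of earlier covering rule) for rules that can never fire."""
    found = []
    for i, rule in enumerate(acl):
        for j in range(i):
            if acl[j].covers(rule):
                found.append((i, j))
                break
    return found

# Constructed sample ACL using documentation address ranges.
SAMPLE_ACL = [
    Rule("allow", "tcp", "203.0.113.0/24", range(443, 444)),
    Rule("deny", "any", "203.0.113.0/24", ALL_PORTS),
    Rule("allow", "tcp", "203.0.113.10/32", range(22, 23)),  # intended SSH exception
    Rule("allow", "tcp", "0.0.0.0/0", range(443, 444)),
]
```

In the sample, the SSH exception sits below a broader deny for the same network, so it never takes effect; reordering it above the deny is the kind of correction a periodic ACL review produces.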

4. Granular Control Is Possible

It is possible to achieve granular control over incoming and outgoing traffic by deploying multiple levels of hardware and software firewalls. Because software firewalls can work at the application level, security teams can fine-tune their targeting to control how certain applications access the internet. Additional fine-tuning can control application resources.

5. Firewalls Offer Additional Benefits

Finally, while firewalls are primarily designed to monitor and filter traffic, they offer additional benefits. For example, a firewall can be utilized to meter and limit network bandwidth. Why would an organization do this? To control how users access the internet, keeping them from activities like watching videos and accessing social media, and to ensure enough bandwidth for critical business.

Some firewalls can be implemented to facilitate a virtual private network (VPN). Combining firewall protection with VPN services allows an organization to access the internet more securely by masking sensitive network information.

Hillstone Networks strongly recommends that any organization without sufficient firewall protection in place change that right away. Hardware and software firewalls are comparatively easy to deploy and maintain. At the same time, they are highly effective at monitoring and controlling traffic. Not utilizing firewall protection is leaving a valuable resource on the table.