You know it’s there. Over there in the corner, by the server, all blinking lights and aerials. Maybe you even know a little of what it does and why firewalls are so important. But the real question is “How well is the firewall protecting my business from attack?”
We know our clients like to relax, happy in the knowledge their IT is taken care of; it’s one of the big benefits of using Three Cherries for Business IT support. Just like some drivers want to know what’s under the hood of their car, some of our clients like to know a little more about how and why their IT is working.
What, exactly, does a firewall do?
OK, so we’ve all seen one of those Hollywood movies where a bad guy is hacking a firewall to get hold of some nuclear launch codes. While films normally take a large amount of artistic licence with IT, they are right about one thing in this case; a firewall sits on the outside of your network and acts as a gatekeeper protecting you from the internet. It does that by having all the traffic from the internet pass through it on the way into your network. Some things it will allow through (like data from websites you are visiting and email sent to you from other companies) and some it will stop (people looking for nuclear launch codes, for example). It’s how it makes these decisions on what to allow and what to block that largely decide exactly how effective it will be at protecting your network.
It’s all in the details.
Without getting into the complexities of types of traffic that pass into, and out of, your network, we need to look at exactly how a firewall examines the data it deals with. A pretty good analogy here is the postal service that delivers your letters. Obviously, your business only wants valid letters getting to staff. Junk mail and letters with inappropriate content need to be stopped before they get to you. To this end, you have a mail room with staff who apply a set of rules to all the post they receive. Their set of rules might look like this ;
Is the letter in response to something we sent out (i.e a reply)? Let it through. >>> Is the letter from a trusted source, like a bank or government agency? Let it through. >>> All other letters need to be inspected
Now, the important bit. After allowing all the letters that are trusted, the post room needs to decide what to do with the pile of letters left over. Do they open and just check what’s in the envelope? Do they read the letter? Do they check the signature? Do they check for invisible ink? It’s the level of additional checking that really secures your organisation. The more checking, the more post room staff you need. What if someone sends a malicious letter, but in a fake bank envelope? Maybe you need to check every letter after all. That’s more staff needed again.
OK – enough analogy, back to firewalls. Some firewalls examine traffic at a fairly casual level and then the more complex the firewall, the deeper it looks at the traffic. Top end firewalls unpack everything and then examine all sorts of things to see if the data contained within is safe. An example here is if someone sends a Word file to you. Does the firewall simply say “OK, email with word file, that’s fine” or does it unpack the Word file and then check for a virus in the actual Word file. It’s this level of security that sets a top end firewall apart from the simpler models.
Does my business need a complex firewall?
Sadly, in today’s business environment, every business needs the very best firewall capabilities available. The good news here is that the more forward-thinking manufacturers, like Sonicwall, produce affordable firewalls with the very best protection designed for smaller businesses. Remember the mail room example, with more staff needed for the extra checks? This corresponds to the processing power of a firewall. Too little processing power and your internet speed slows down while the additional checks are performed. The key to a true professional grade business firewall is that it has the brains to perform these extra checks without bogging down. If your business is a little larger, you may need some additional features like automatic encryption management, extra secured WIFI and advanced traffic control. That’s where you can relax since we’ll take care of finding out exactly what you need when it comes to the really complex stuff.
While we’re in no doubt you’re sick of hearing about GDPR, it does cover how you protect your network from attack. There is far more to GDPR compliant network security than questions about your firewall, but it does need to be looked at if you are carrying out a full GDPR audit.
Our aim is that all our customers have a firewall that provides this type of advanced protection. Just like computers, firewall technology advances so it’s important to take a regular look at what your current firewall provides in comparison with what the current cutting edge can provide. For that extra slice of peace of mind, why not let one of our technicians check over your current firewall? Get in touch to get things started.