
    What is a Firewall?

    A firewall is either a device or software that acts as a barrier against incoming traffic from external sources such as the internet. Firewalls applied to networks – whether for a home office or a global government network – block cyberthreats such as unauthorized access to the network and everything connected to it. Current technology is often labeled ‘next-generation firewall’ because it adds analytical capabilities that can stop advanced cyberattacks such as malware, ransomware, and threats hidden in encrypted email and attachments.

    Why all networks — even your small office or home office network — are targets for cyberattack.

    The need for firewalls, and especially next-generation firewalls, stems from the combination of an ever-growing list of Internet of Things (IoT) devices — which do not come equipped with firewalls — and mounting cyberthreats. Most IoT devices need regular data updates via the Internet, while others transmit data such as video recordings or grocery lists through the same process. They all “listen” to the network through “ports,” which are endpoints for incoming and outgoing network communications — and this is where they are most vulnerable to cyberattack.

    Just think about all the devices that we’ve added to our networks: printers, scanners, video cameras, audio devices, and so on. If you have a home office, you may have connected baby monitors, smart home thermostats, lawn watering systems, even your stove or refrigerator.

    Some desktop computers come equipped with software firewalls, but the protection is limited. Phones (starting with iPhone 6) have operating systems that limit listening ports and unnecessary network utilities such as telnet, shells, or web servers. Still, modern phones are on the same level as your computer when it comes to common hacks and attacks. That means they may be just as vulnerable.

    If you lack a dedicated firewall for your home business, your Alexa device is a sitting duck. If your firewall system at your business is outdated, you’re putting your entire company at risk.

    Why everyone needs a Firewall.

    Think of it this way: You wouldn’t leave your front door open to anyone who wanted to enter, right? Without a dedicated, updated firewall, every device connected to your network — whether over Wi-Fi or a hardwired connection (e.g., RJ45) — is an open door to the outside world.

    And as pointed out earlier, while many desktop computers have software firewalls installed, these simple functions cannot stop advanced and sophisticated network attacks, which are becoming more and more common.

    The Wi-Fi router that connects your home network to an Internet Service Provider (ISP) has some firewall protection, but only the barest. Determined attackers armed with next-gen ransomware and encrypted threats can easily bypass low-end ‘port-watcher’ firewalls that only monitor ports and communication protocols. That’s how cybersecurity has risen as a critical issue for everyone who uses the Internet for business, entertainment, and pleasure.

    The best protection for networks is a dedicated firewall that deploys a full range of protection against any type of attack. At a minimum, it monitors all communication ports for unauthorized access and keeps your home, family, and business safe. By connecting a dedicated hardware firewall to your router, and your connected devices to the firewall, you slam the door on unauthorized access to your network. But as we have quickly learned, the best firewall protection must also prevent intrusions from encrypted attacks, ransomware, phishing, malware, and new cyberthreats as they emerge.

    What to expect from a next-generation firewall.

    The false faith in basic firewall protection came to a crashing end in September 2016 when hackers hijacked millions of IoT devices – mostly internet-connected cameras – from two different networks. It was a massive ‘botnet’ attack that demonstrated how vulnerable network systems are against well-orchestrated attackers. It also demonstrated how advanced cyberattacks had become.

    The event in 2016 and others since taught the industry valuable lessons. These lessons formed the foundation of what developers dubbed “next-generation firewalls.” The first big lesson was that firewalls must continuously monitor the network data stream. Instead of merely blocking unauthorized access (i.e., port watching), firewalls must have the capacity, flexibility, and scalability to stop the flow of an attack before it can do damage. The second lesson was that firewalls needed to do all that AND function well in real-time, high-speed networking environments.

    The Importance of ‘next-gen’ features and specifications.

    The bottom line is that simple ‘port-watcher’ technology is not enough. But that’s where the story picks up. Industry leaders are building ‘next-gen’ technology that meets the task of defending our networks from the bad guys. It is now possible to expect good cybersecurity technology with top-level protection, even at faster broadband speeds.

    The latest deployments involve complex machine-learning algorithms for threat research and risk analysis. This form of artificial intelligence is uniquely suited to arm networks with defensive strategies to keep up with the ever-morphing battlefields of cybersecurity.

    One distinctive characteristic of the latest firewall technology is how some don’t involve the firewall per se, but a blended solution from other important cybersecurity aspects: analytics and reporting. For instance, in the newest systems, network administrators have tools like risk scoring to help spotlight potential gaps in the network defenses with real-time analytics. And reporting is often customizable to match administrative workflows and compliance reporting requirements.

    You might expect that the latest security will slow bandwidth to a crawl with all of this filtering and real-time data monitoring. Not so. Newer cyber tech comes with specifications such as “application inspection throughput” and “threat prevention throughput,” which measure how fast the firewall (system) can spot threats lurking in encrypted SSL traffic without slowing down your network.

    You may see terms like “entry-level firewall.” If the device is ‘next-gen,’ then expect it to be just as capable as enterprise-level firewalls for global networks. Some “entry-level” firewalls serve as an integrated component of enterprise systems, such as those belonging to major corporations and governments. The more advanced the device, the more capable it is of stopping new cyberthreats as they emerge, with built-in features like:

    • Zone-Based Firewall (ZBF): allows designation of zones for each part of the network that may require different access/traffic control policies. The most common “zones” could be private or ‘inside’ access versus public or ‘outside’ access. Certain applications require DMZ (demilitarized or neutral) zones for public web and mail servers.
    • Virtual Private Network (VPN) Management: allows easy integration of remote, secure access to a private network over the public or common network. Older technology may have some difficulty. “Next Gen” firewalls are designed for this environment.
    • Intrusion Prevention System (IPS) or Intrusion Detection System (IDS): usually a built-in function that stops attacks by identifying (matching) the profiles of known exploits and stopping them before they start.
    • Application Control: defines firewall policies based on web-based applications for social media (Facebook, Twitter), work productivity (Salesforce, Outlook), and micro-applications (Slack, notifications).
    • Web Control: includes filtering by URL, IP address, and domain, which allows policies to regulate access to services based on individual or group identity. Managers can set policy to allow or block access based on category or even reputation.
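The Zone-Based Firewall item above describes zones (inside, outside, DMZ) and per-zone-pair traffic policies. The model below, added here as an illustration and not SonicWall's code or any product's implementation, shows how such a policy is actually evaluated: each interface is assigned a zone, the destination zone is found by a routing lookup, a reverse-path check rejects packets whose source address does not belong on the arrival interface, and the first matching zone-pair rule decides, with everything unmatched dropped. All interface names, addresses, routes and rules are constructed for the example, and the assumption that traffic staying within one zone is permitted is a design choice labelled in the code.

```python
"""Zone-based firewall policy evaluation, modelled in a few dozen lines.

Added example; not vendor code. Interfaces, zones, addresses, routes and
rules below are all constructed for illustration.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Zone assignment: each interface belongs to exactly one zone (constructed).
ZONE_OF_INTERFACE = {"eth0": "outside", "eth1": "inside", "eth2": "dmz"}

# Minimal routing table (constructed): destination network -> egress interface.
# The destination zone is the zone of the egress interface.
ROUTES = [
    (ip_network("192.168.1.0/24"), "eth1"),   # LAN
    (ip_network("10.0.2.0/24"), "eth2"),      # DMZ (public web and mail hosts)
    (ip_network("0.0.0.0/0"), "eth0"),        # default route to the Internet
]


@dataclass(frozen=True)
class Flow:
    in_iface: str   # interface the first packet of the connection arrived on
    src: str
    dst: str
    proto: str      # "tcp" or "udp"
    dport: int


@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    action: str                      # "allow" or "deny"
    proto: str = "any"
    dports: frozenset = frozenset()  # empty means any destination port
    dst_net: str = "0.0.0.0/0"       # narrow a rule to one host or subnet


# Zone-pair policy (constructed). First match wins; unmatched traffic is dropped.
POLICY = [
    Rule("outside", "dmz", "allow", "tcp", frozenset({80, 443})),              # public web server
    Rule("outside", "dmz", "allow", "tcp", frozenset({25}), "10.0.2.10/32"),   # SMTP only to the mail host
    Rule("inside", "outside", "allow"),                                         # users browse out
    Rule("inside", "dmz", "allow", "tcp", frozenset({22, 80, 443})),           # admins manage DMZ hosts
    Rule("dmz", "inside", "deny"),                                              # DMZ never initiates into the LAN
]


def egress_interface(dst: str) -> str:
    """Longest-prefix match over ROUTES (the default route always matches IPv4)."""
    addr = ip_address(dst)
    matches = [(net, iface) for net, iface in ROUTES if addr in net]
    _, iface = max(matches, key=lambda r: r[0].prefixlen)
    return iface


def rule_matches(rule: Rule, flow: Flow, src_zone: str, dst_zone: str) -> bool:
    return (
        (rule.src_zone, rule.dst_zone) == (src_zone, dst_zone)
        and rule.proto in ("any", flow.proto)
        and (not rule.dports or flow.dport in rule.dports)
        and ip_address(flow.dst) in ip_network(rule.dst_net)
    )


def evaluate(flow: Flow) -> tuple:
    """Return (action, reason) for a new connection attempt."""
    src_zone = ZONE_OF_INTERFACE.get(flow.in_iface)
    if src_zone is None:
        return "deny", "packet from an interface with no zone"
    # Reverse-path check: the source address must route back out the arrival interface.
    if egress_interface(flow.src) != flow.in_iface:
        return "deny", "source address fails reverse-path check"
    dst_zone = ZONE_OF_INTERFACE[egress_interface(flow.dst)]
    if src_zone == dst_zone:
        # Assumption for this model: traffic that stays inside one zone is permitted.
        return "allow", "intra-zone traffic"
    for idx, rule in enumerate(POLICY):
        if rule_matches(rule, flow, src_zone, dst_zone):
            return rule.action, f"{src_zone}->{dst_zone} rule {idx}"
    return "deny", f"{src_zone}->{dst_zone} implicit deny"


# Constructed connection attempts to run the policy against.
SAMPLE_FLOWS = [
    Flow("eth0", "203.0.113.5", "10.0.2.10", "tcp", 443),     # Internet -> DMZ web: allowed
    Flow("eth0", "203.0.113.5", "10.0.2.20", "tcp", 25),      # SMTP to a non-mail DMZ host: dropped
    Flow("eth1", "192.168.1.15", "93.184.216.34", "tcp", 443),  # LAN user browsing out: allowed
    Flow("eth2", "10.0.2.10", "192.168.1.15", "tcp", 445),    # DMZ host reaching into LAN: denied
    Flow("eth0", "203.0.113.5", "192.168.1.15", "tcp", 3389),  # Internet -> LAN: no rule, dropped
    Flow("eth0", "192.168.1.15", "10.0.2.10", "tcp", 443),    # LAN address arriving from outside: spoofed
]

if __name__ == "__main__":
    for flow in SAMPLE_FLOWS:
        action, reason = evaluate(flow)
        print(f"{flow.in_iface} {flow.src} -> {flow.dst}:{flow.dport}/{flow.proto}: {action} ({reason})")
```

The important design points are the ones the bullet list hints at: the policy is written per zone pair rather than per device, so adding a new LAN host needs no new rule; the DMZ-to-inside deny is explicit so that a compromised public server cannot reach the LAN even if a later rule is added carelessly; and the reverse-path check stops packets from the outside interface that claim an inside source address before any rule is consulted.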

    “Next-Gen” and Beyond

    As better analytical processes develop, new advancements are emerging, such as deep packet inspection, secure mobile access (wireless), network/cloud sandboxing, multi-instance firewalling, and dedicated threat intelligence.

    There are also variants such as “virtual firewalls” often found on virtual networks. These tools are more easily scaled so that network administrators can secure networks of any size: from mid-sized businesses to giant distributed corporations.

    This makes security technology easier to scale, so that it can be deployed as needed to accommodate hundreds to thousands of simultaneous users without rebuilding the entire network. We want advanced enterprise firewalls to integrate wherever they’re needed: truly massive networks, mid-sized enterprises, branch offices, and even remote home offices.

    Ultimately, new and smarter technology leads us to truly componentized architecture for large-scale, globally distributed systems, such as the ones that belong to major corporations and governments. But to be truly secure, the same technology will scale to home offices, our mobile devices, and whatever we carry with us so that we can engage without fear online or boundlessly binge-watch our favorite shows.

    SonicWall Next Generation Firewall Buyer’s Guide

    How to choose the right next-generation firewall to secure your network.
