What is a Firewall, and Why Does It Matter?

by

Hearing “firewall” in the context of computing can be confusing. How does a tall, blazing fire separating rescue teams from people trapped apply to computers?

Well, imagine the rescue team using heavy blasts of water to save the day. A hacker is as motivated to get at your data. They will try everything to bypass your security. They want to get inside your network perimeter. In a business office, computers and printers are often networked together. This lets Jane in accounting and Kevin in graphic design access the same business tools.

In computing, a firewall sits between that internal network and the internet outside. It’s kind of like a nightclub bouncer. You definitely want it to be as burly and intimidating as possible to keep the riff-raff out. The firewall helps reduce or prevent unwanted traffic from getting through.

The Packet Filtering Firewall Approach

Your firewall can be hardware, software, or both. A packet-filter firewall monitors and controls network traffic. It filters data entering the network according to predetermined rules. IT experts set up a firewall to examine small amounts of data (called “packets”) to see if they contain threats. It checks packet data against criteria such as allowed IP addresses and packet type. If the data is suspect, the firewall stops those packets. If not, the data will continue on to its destination.

Firewalls stop certain software from sending and receiving data to and from the internet. This reduces the number of entry points for viruses or illegitimate traffic. After all, a club wouldn’t want to hire the bouncers to cover seven different doors.

A firewall also monitors outgoing traffic. Why’s that? Because an infected computer in your network could be sending out malicious information. If your company has fallen victim to a malware attack that turns a computer into a bot, it might be “phoning home.”

Unlike E.T. trying to get back to the safety of his home planet, the malware is checking in with its Zombie master. It’s helping to strengthen the bad guy’s ability to attack victims.

Firewalls can help prevent denial-of-service (DoS) attacks. In a DoS incident, thousands of computers are used to send an overwhelming amount of traffic to a network. It’s like putting 10,000 people in an elevator with an occupancy limit of 20 – expect a crash.

One famous 2016 attack seriously disrupted Amazon, Visa, PayPal, Netflix, AirBnB, and more.

Other Types of Firewall

Packet-filtering firewalls aren’t your only option. Stateful inspection is helping to make firewalls even smarter. These check where the packet came from, where it is going, and what application requested it. This end-to-end examination is more rigorous. All the parameters must match trusted information for the packet to pass through. This approach offers a smart, fast way to inspect for unauthorized traffic.

When setting up any firewall, it is important to avoid any unintentional openings. A hole in a chainlink fence renders perimeter security useless. A hole in a firewall leaves your network vulnerable.

Need help deciding on the right type of firewall for your business? Want to be sure your firewalls are going to withstand attack?

Our experts can help set up and test your firewalls. Contact us today at (515)422-1995!

Why You Need Both Software and Hardware Firewalls

by

A firewall sounds like a pretty intense thing – unless you’re an action-movie stuntman. Yet when it comes to internet security, you may not have as much firewall protection as you need.

Many internet security products bundle antivirus and firewall software, and many users think this is enough. But first, let’s be clear about what a software firewall actually does:

  • It regulates data through port numbers and applications.
  • It allows you to block incoming traffic from certain locations.
  • It distinguishes between computer programs allowing data to one program while blocking another.
  • It blocks traffic attempting to leave a device to access other devices on your network.

There are drawbacks, though. Software firewalls work only on the computers on which they are installed, and you’ll need to buy multiple licenses to protect several computers.

You also need expertise to administer the firewall to keep up with changing threats. And there are security threats. Bad actors target software firewalls. They’re right there on the computer they seek to exploit.

Beefing Up Your Firewalls

Many businesses also use hardware firewalls to add security. A hardware firewall around your office network acts as a perimeter boundary. The hardware firewall is like the border guard keeping an eye out for dangerous traffic. The firewall inspects incoming internet traffic to protect you from malware and cyberthreats.

IT experts can set up firewalls to pass only safe data. This adds a layer of protection to your network and also secures network-connected devices. Workstations, printers, digital equipment, and telephone systems often don’t have software firewalls.

So, combining firewalls protects both local computers and other devices on your network. The hardware firewall checks traffic coming in from and going out to the internet, whereas the software firewall secures what’s coming into or out of the computer, even from internet sources.

Think about it this way: A cybercriminal is trying to access your systems. They take many approaches, one of which is trying to breach your network perimeter. Another is sending targeted communications to sucker someone into clicking on a virus-laden email. The hardware firewall could stop the perimeter attack, but the software helps stop the malware infection spreading from the user’s computer to others in your office.

Partner with a Firewall Expert

Firewalls can give your business tremendous control over:

  • how users connect to the internet;
  • what information is retrieved from the internet;
  • whether files can leave the company over the network;
  • what devices are accessible and from where.

Yet both software and hardware firewalls need the right expertise to install correctly. Firewalls must be regularly monitored and managed, because threats are constantly changing.

Combining firewalls adds protection but only if you configure them to minimize weaknesses. You’ll need someone to identify compatibility issues and avoid blocking legitimate data.

Partner with an IT expert. We know how to work with firewall rules, and understand what they mean and how to react to alerts generated. Have you heard of a breach that compromised Target’s point of sale systems? That fiasco involved ignored firewall alerts! Don’t let it happen to you.

We can help you set up and maintain the firewall protection you need. Contact us today at (515)422-1995!

Protect Your Firm Against Zero-Day Attacks

by

Protecting your business against the latest IT threats should always be a top priority. Updating antivirus and patching your operating system is a great way to start. What happens, however, when a threat appears at your door before security firms have had a chance to catch it?

A security threat that exploits a previously undiscovered vulnerability in the computer is known as a zero-day threat. The name “zero-day” is designed to imply how long since the vulnerability was discovered. The term also indicates that system developers have had zero days to fix it.

A newly discovered attack might be packaged into a computer virus or worm. This will allow it to spread far and wide while inflicting the maximum amount of damage possible. When spread successfully, a new exploit has the potential to reach hundreds of thousands of computers before an operating system or anti-virus update can even be issued.

There are a number of ways we can protect your business or lessen the damage from a zero-day attack.

Preventative security

The number one way to mitigate the damage from any attack to your system is to prevent it from happening in the first place. Maintaining a good firewall and up-to-date antivirus is the best step you can take to ensure the security of your system.

A firewall, monitoring traffic in and out of your network, reduces unauthorised entry over the network. Even without knowing the exact nature of the attack, suspicious activity travelling in and out of the system can be stopped.

The same is true of modern Antivirus. Even when it can not identify the specific zero-day threat from its virus database; it can often identify malicious intent from learned behaviour in the system.

A Locked Down Network

Should a zero-day threat make it into your network, our next goal should be to limit its effects. By restricting user access to only essential files and systems we can limit the damage done to the smallest number of systems. Good security policy dictates that each account should only have full access to the systems needed to complete the user’s job. For example, users from the accounts department shouldn’t have access to sales department databases.

In this way, the damage of a single compromised account is limited to only the network area it operates in. Such limited impact should be easy to control and can be reversed with regular backups.

Good Data backup

Whether your entire network has been exploited or only a small area has been affected; good data backups are your protection against major lasting damage. Having a good backup means having the procedures in place to both create regular backup copies and make sure they can be restored at a later date.

Reliable and well-tested backups are worth their weight in gold. Knowing your data is safe and your system can be recovered is peace of mind against even the most highly destructive zero-day attacks.

Intrusion Protection

While the precise methods of a zero-day exploit can’t be known in advance, a network intrusion protection system (NIPS) can monitor the firms’ network for unusual activity.

The advantage of NIPS over a traditional antivirus only system is it does not rely on checking software against a known database of threats. This means it does not need updates or patches to learn about the latest attacks. NIPS works by monitoring the day-to-day patterns of network activity across the network.

When traffic or events far out of the ordinary are detected action can be taken to alert system administrators and lock down the firewall. Devices such as USB drives and mobile devices can all introduce threats to the network. They can often make it past the firewall because they are physically introduced to the system.

NIPS protects against threats introduced to the network from both external and internal sources.

Full Cover Protection

Used in combination these techniques can prevent, protect, and mitigate against the kinds of threats that even the top security firms haven’t patched yet. We think it’s important to keep your firm secure whatever it might come up against in the future.

If you could use help protect your business against online threats, give us a call today at (515)422-1995.

Why Your Firewall Will Never be Enough

by

Firewalls are a well-known security essential, and we’re certainly big fans, but did you know a firewall alone is not enough to keep your business safe? It’s like building a fence around your city to keep the burglars out: You feel safe, private and secure… but the reality is, anyone with a ladder, enough motivation or ninja skills poses a real threat. That’s why despite every networked business having a firewall in place, security breaches are increasing at an alarming rate – further protections are still needed.

A few strategic, well-planned measures can provide all the protection your business needs to keep operating without costly downtime. While it’s cool to imagine a system so secure you’ll be opening doors with retinal scanners, using synchronized keys to activate the server and dodging pressure-triggered plates around the storage drives, the reality is infinitely more usable and affordable. In fact, we’ll help you choose the perfect measures that blend invisibly into your existing processes, boosting security without affecting productivity. Take a look at some of our managed service inclusions:

Proper firewall configuration

While not enough by itself, your firewall is still your first line of defense like the wall around your city. However, there’s a huge difference between the generic firewall that comes standard with your Windows installation, and one specifically chosen for your business and set up properly. Without properly locked doors and monitored gates, your firewall may as well not even be there. Our technicians will work with you to identify which traffic should be allowed, eg remote employee access, and which should be automatically blocked.

Workstation antivirus

Like a bouncer standing at the door to your building, it is the job of antivirus software to check every file being downloaded to your company’s computers and watch every program that runs. So, even if a bad guy gets past the perimeter defenses they will likely be spotted by the antivirus software. Without this layer of protection, it is easy for an attacker to have their way with your files.

Web Filtering

What’s better than detecting and stopping malicious files on your computer? Preventing your users from even downloading them from the internet in the first place! Web filtering acts as a middle-man while you are browsing the web and stops users from being able to even visit a site with known issues. We can also restrict websites based on categories like adult material or social networking if desired.

Patch Management 

Keeping with the analogy of a firewall is like a wall around your city and an antivirus is like a bouncer at the door, software patching is like having someone fixing newly found holes in your walls that could potentially let the bad guys in. Instead of counting on your employees to update to the newest version of Java or Adobe Reader, automated software can take care of this for you.

Access restrictions

It is best practice to give employees access to only the files they need to do their job. It’s not a matter of trust, but rather one of security. If they were the one to accidentally let the attackers through the firewall, perhaps by clicking an email link, you’re then able to minimize the damage. Without this added layer of protection, it’s relatively easy to access (and damage) any and all files on the network.

Encrypt confidential files

More secure than simply password locking a file, encryption uses a secret ‘key’ to scramble the files and their contents so that when anyone else tries to view them all they see is incomprehensible nonsense. This way, if an attacker does manage to access or steal vital files, they don’t get anything useful! Encryption is especially useful on mobile devices that can easily be misplaced or stolen when traveling.

Backup Backup Backup!

As a final layer of defense, when all other protections have been circumvented, it is important to be able to recover from a disaster. If an attacker does manage to access and hold your network for ransom, with the proper backup in place we can simply wipe the slate clean and restore to the way it was before the attack.

No one type of protection is 100% perfect. Something (or someone) will inevitably get through. That’s why computer security works best when it’s multi-layered. When one protection fails, the next layer kicks in to keep your business safe. And then the next, and the next…but that doesn’t mean you need CIA level security that gets in your way. Most of the above protections are easily affordable for small businesses, we use all of the above ourselves!

Click to see our BBB Report

FOLLOW US

VISIT US

Privacy Policy