Can Firewalls Cope in the Era of IoT?
Posted on August 08, 2018
What makes a good firewall? The obvious answer is one that stops what you want to stop and allows what you need to allow. But does it need to be more complicated than that and should enterprises be looking beyond their network boundary for protection? We look at what makes a good firewall and how to choose the best one for your situation.
What firewall is needed
A firewall, in simple terms is the first line of defence in cyber security. It keeps a computer, and the network safe from intruders. Firewalls are used widely to allow secure network access and to separate a company’s internal network from the wider Internet. Firewalls are also used to secure internal network segments, such as keeping accounts separate from general operations.
There are many good firewalls on the market. What is going to work best for your company depends on your needs, such as bandwidth and the complexity of the access rules needed. However there are some key common features the best sort of firewalls include.
- Application control
Host-based application firewalls provide protection to the applications running on the same host. Network-based application firewalls are also known as a proxy-based or reverse-proxy firewall.
Your firewall should allow you to control and prioritise the most important network traffic, while limiting or blocking unwanted traffic. A firewall can include full user and group-based application control with traffic shaping options, as distinguished by application, user, category, characteristics or rule. For example, VoIP can be prioritised, while video streaming can be limited. It means your bandwidth isn’t compromised and time isn’t wasted blocking applications which don’t affect the network.
- Web control
URL filtering controls web usage, ensuring a safe environment for users and making compliance easier to administrate. Web control is standard in firewalls, but in varying levels of complexity.
The emphasis of good web control should be in its ease of use and set up. For example, if a user requires a slightly different set up, these policy tools should allow you to specify what differences are needed, then inherit the remainder. A flexible inheritance-based web gateway policy engine would mean that a whole new web policy would not have to be created.
To further ensure compliance, some firewalls can also enforce safe search of web pages, applications and even image filtering on all major search engines.
- Risk vulnerability
Based on their network activity and recent history, the riskiest users can be easily identified. A risk-assessment of applications can also be performed by firewalls prior to access. Some firewalls can provide insights into these risks as well as detailed reports, allowing your enterprise to take action when risky usage becomes evident.
- HTTPS scanning
Most internet traffic is encrypted, making compliance challenging. Good HTTPS scanning should be selective and able to manage exceptions, otherwise the scanning may become invasive and disruptive. Specifically, it should be able to block unrecognised SSL protocols and invalid or untrusted certificates.
The importance of flexibility
Flexibility is key to any good firewall. For example if you want to block a particular port from everyone except for a certain IP range, you need a flexible approach to key sets, rather than just a universal port ‘on’ or ‘off’ for everyone within the organisation.
Cybercrime is continually evolving with criminals changing their methods of attack to avoid possible detection. Because of this, a multi-layered defence using behavioural analysis is ideal. Your firewall should include email protection, intrusion prevention and sandboxing, which is the process of separating running programs into a different environment to check for errors or security issues without the risk of infection or affecting the application in which it runs.
Your firewall should also have the ability to identify and isolate infected or compromised sectors or systems.
Pushing the boundaries
Through cloud based solutions, and with the rampant spread of The Internet of Things, corporate data is often stored on third-party servers. With the widespread use of remote work connections, such as employees’ homes, local coffee shops or airport lounges, site-to-site and remote access VPN is also essential. Traditional or outdated appliance-based security measures were never designed to be capable of defending such a large and varied perimeter and it’s important that your firewall is viewed for its effectiveness regularly. There’s nothing worse that when a CEO can’t get access to the corporate network when they are working remotely.
If you are part of a large enterprise, you probably want to have multiple interfaces to the firewall, as well. It can provide flexibility where different rules can be set for different networks. In fact, to strengthen security using multiple interface approach, different rule sets should be used for different networks.
Quite reasonably, many organisations look beyond their network boundary for protection, as well as using stacked defences. Cloud Gateways, such as Vocus Firewall as a Service offer the flexibility and scale necessary for widely scaled networks. But more importantly they are becoming even more popular with expectation that carriers can share the risk and provide a faster response before any risk even enters the corporate network, particularly from large scale attacks. This makes integration with network-based and other internal IT security solutions important.
If you would like to discuss more about your firewall or other cyber security concerns, please call VOCUS on 1300 88 99 88.