Blog

5 Things You Must Know About Firewalls

How much money will your company need to lose before you stop procrastinating on cybersecurity matters?

There is always a “too late” option, when the cyberattack puts you out of business, which happens to 60% of small businesses within six months of a cyber-incident. Although most companies know of the dire consequences of cyber threats, they postpone addressing them for various reasons. Many assume that “everything is fine right now,” so their response is reactive instead of proactive – which is a lot more stressful, and most of all, risky.  According to the Better Business Bureau and their 2017 State of Cybersecurity Report, the top five factors that prevent SMBs from advancing in their cybersecurity efforts are as follows:

  1. Lack of resources
  2. Lack of expertise or understanding
  3. Lack of information
  4. Lack of time
  5. Lack of training

Just like putting off going to the dentist, that decision can often come back to bite you (pun intended).  When this happens, we often remember the old Benjamin Franklin axiom: “An ounce of prevention is worth a pound of cure.”  According to the PwC Health Research Institute analysis, the likely cost of a serious cybersecurity breach in the healthcare industry is $200 for every patient’s record, when the cost to thwart a cyberattack is only $8 for every patient’s record. This figure alone should motivate you to take action.

Many small businesses don’t know where to begin. One of the first lines of defense a business can take is to have a properly configured and installed firewall on their network. Here are five key things you should know about firewalls:

1. What is a firewall and what does it do?

A firewall can be either hardware or software-based.  Our Windows-based machines have a built-in firewall, but generally speaking, when talking about firewalls we are referring to hardware.  A firewall is a network-based perimeter security device that is intended to protect your network’s devices from the dangers that exist on the Internet.  Data is exchanged between your network devices and destinations in cyberspace and firewalls monitor this data (sent in packets) to check whether they are safe or not.  The firewall does this by establishing whether the packets meet the established rules and rejects any packets of data that don’t.  If it didn’t do this, within minutes of connecting a device to the Internet, attackers would attempt to compromise our computers.

2. All firewalls are not created equal

We talked about software-based firewalls which may live on a computer’s software, but these types of firewalls are very limited in what they can do.  Older physical firewalls have the same types of limitations.  They are good at blocking and allowing specific ports, sources, and destination IP addresses, and they can also translate and route traffic into your internal network.  This type of functionality used to be sufficient, but with the advanced threats out there today, that’s no longer the case.  Nowadays, we talk about Next Generation Firewalls (NGFW).  What sets these devices apart from their older counterparts are their advanced features: specifically, their ability to inspect individual packets for malicious payloads.  Unified Threat Management (UTM) consolidates multiple security and networking functions such as anti-virus protection, web content filtering, application control, and intrusion detection/protection (IDS/IPS), all on one appliance protecting the network.  While we want our firewall to inspect every packet individually, what we don’t want is to feel that the firewall is slowing down the network.  We want the firewall to be transparently running in the background providing peace of mind without demanding our attention.  That is accomplished by sizing the firewall properly and using one with a security-centric processor to handle all those UTM tasks.  Providing that is a pretty sophisticated challenge, so don’t make the mistake of buying a firewall at a big box store thinking that it will solve all your security problems.

3. Firewalls and firewall rules must be constantly updated

Things are constantly changing in IT, and managing all the changes is one of the biggest problems that businesses face.  Maintaining a clean set of firewall rules is one of the most important firewall management functions. However, many businesses continue to struggle with this task, leaving them open to increased risks such as open ports, unwanted VPN tunnels, and unnecessary complexity which could lead to the firewall being unknowingly bypassed altogether.  On top of that, the firewall itself needs to be constantly updated to ensure that it can detect the most recent threats.  The firmware on the firewall itself may need to be updated if engineers discover a vulnerability.  Keeping up with all of these updates can be overwhelming, and most businesses simply forget to do them.  That’s a potentially fatal mistake.

4. Encryption can be bad for your firewall

Encryption was created to prevent unwanted eyes from viewing the data we are transmitting and receiving.  The paradox is that this increased security could be preventing your firewall from doing its job of inspecting packet payloads for malicious content.  If a packet reaches a firewall and the firewall has no way to decrypt the packet and inspect what is inside, it will most likely be passed on to its final destination.  The way to resolve this – and get the firewall back to where it can look for malicious payloads – is to institute SSL Deep Packet Inspection (DPI) on the firewall. DPI allows the firewall to become a “man in the middle” for all Internet traffic and ensure that the local network is properly protected.  This process is CPU intensive, so again, a properly-sized firewall is critical.

5. Firewalls aren’t just about security

We put firewalls on a network to help secure it from malicious attacks, but there are some great added benefits from NGFW that aren’t necessarily security-related.  Good firewalls will give you the ability to run and view detailed reports about network traffic.  These can be critical if you have to meet certain compliance requirements, such as PCI or HIPAA. Because a firewall is a network device at its core, you will gain increased visibility into your network.  No more need to create a mirrored port on your switch and run Wireshark or another packet capture program, because today’s firewalls will allow you to view real-time and historical traffic on your network –  a great aid in troubleshooting network issues.  Firewalls can also help enforce company HR or other group policies by leveraging web content filtering controls; these can also maintain productivity by limiting access to certain time-consuming sites.  Application control helps prevent bandwidth overutilization by bandwidth-hogging applications such as video streaming services.  Since company employees are not always local, the firewall’s ability to support remote users – and doing it in a secure manner – is critical for increased productivity.

 

While there are many things to consider when implementing firewalls or updating your existing firewall, a basic understanding of what they do and what they can’t do is important.  Firewalls are evolving constantly with more functionality and advanced features. That’s an important aspect in combating today’s threats, but often makes implementing firewalls and firewall policies more complex.  Small businesses often have a hard time implementing and maintaining security on their own, largely due to the fact that security professionals are hard to find and expensive to keep on staff.  As a result, more businesses are turning to a Managed Services Provider like TPx for their security needs, which allows them to get that enterprise level security at a price they can afford.

Ready to get peace of mind and stop procrastinating on your security? Talk to a TPx specialist today.

 

About the Author

Erik Nordquist is the Senior Product Manager for TPx Communications’ managed security services. He’s led a broad range of critical activities, including Field Operations and the Hostmaster team where he built TPx’s anycast DNS network to service its 55,000 customer locations. His work on the Network Integrity team made him the resident expert for mitigating Denial of Service (DoS) attacks. After interfacing with customers for years, Erik is bringing his customer-focused approach to his Product Manager role, helping to deliver first-in-class security services to TPx clients with unsurpassed customer support.

off-the-shelf security devices

When it comes to cybersecurity options for businesses today, the range of “off-the-shelf” options can be dizzying – and exciting – for those looking to cut administrative costs. A nice, new shiny router with what claims to be “business-class” firewalling and maybe even some DDoS protection for under 200 bucks? For many business owners the answer is “Yes please!” when the answer really needs to be “No way,” or maybe even “No freaking way!”

The consequences of going with one of the many routers (or other quick-fix security products) for sale at a big-box store can be devastating. These solutions may claim to offer business-class security, like firewall options, but the reality is that their features are limited and require frequent updates to make sure they’re ready to handle the latest threats. They also offer a false sense of security, given their narrow focus. Throwing a router with a firewall into the network and calling it a day is not a solid defense against the troublemakers out there targeting businesses every minute.  To be fully protected, businesses need to think bigger and broader – which is where managed services come in.

A good managed security product keeps you automatically up-to-date with a comprehensive set of the most powerful defenses against ever-evolving threats, while eliminating overhead. By way of comparison, to really do any good, that off-the-shelf router needs to be paired with additional security layers, including intrusion detection, traffic monitoring, antivirus and anti-malware software, plus work on the network/LAN side, like properly configuring user permissions to determine who has access to what data on the network. There’s also disaster recovery and backups to consider. Putting all of that together takes time and expertise—something that’s in short supply for most businesses except the largest enterprises.

Sure, many companies think they’re too small or their data’s too generic to find themselves in the sights of cybercriminals. The reality, however, is that 58 percent of all breach victims are categorized as small businesses.

It’s also worth noting that you never know when an on-premises device like a router can become a conduit for bad actors. The FBI, for instance, recently advised that the VPNFilter malware has infiltrated 1 million routers and counting – noting that everyone should reset their network boxes to help thwart the malicious code. “The FBI recommends any owner of small office and home office routers power cycle (reboot) the devices,” the Bureau said in a statement. “VPNFilter is able to render small office and home office routers inoperable. The malware can potentially also collect information passing through the router.”

The TPx managed services suite includes affordable device monitoring and management, network intrusion detection and prevention, antivirus, web content and spam filtering, plus disaster recovery options – all backed with our round-the clock Security Operations Center and highly experienced cybersecurity analysts.

Contact your TPx representative today to find out how managed services can help you avoid the consequences of hasty decisions in your security spend and keep your business safe and stable.

About the Author

Matt Mair is a Senior Product Marketing Manager for Managed Services. His role includes marketing and communications for TPx’s suite of managed IT offerings including Managed SD-WAN, LAN Monitoring, Office 365, Managed Endpoint, Colocation and Server Backup solutions. Matt holds an MBA from Michigan State University’s Broad School of Business and resides in Los Angeles.

It’s a scary world out there. As if new competitors, technologies and changing markets weren’t enough to keep you awake at night, there are all those headlines that seem to hit every couple of weeks – Wannacry virus spread worldwide… Data breach exposes the customer information of tens of thousands… Chapter 11 filing cites damage from last year’s hacking attack…

Some 70 percent of cyberattacks target small businesses, according to the National Cyber Security Alliance. Why? It’s pretty simple. Smaller enterprises aren’t likely to have dedicated internal IT departments and sophisticated systems that can keep pace with the furiously evolving arsenal of malicious malware – including viruses, spyware, worms and service attacks – that’s arrayed against them. A Dark Net universe of global attackers sees soft targets and easy paydays. Business owners see potential disaster.

Fortunately, there are potent reinforcements ready to man the barricades. SMBs increasingly turn to managed security services such as managed firewall solutions to gain the same level of protection that the largest enterprises deploy. In fact, the SMB segment’s adoption of managed security services is expected to grow at the highest compound annual growth rate (CAGR) of all business segments through 2021, according to a recent MarketsandMarkets report.

Firewall solutions guard the critical information that flows within organizations from external and internal threats. Deployed at network borders, they act as choke points that prohibit potentially vulnerable traffic from entering or leaving networks and can instantly stop a database attack. That’s potent protection for SMBs. However, firewall management is an ongoing process that requires IT security resources, expertise and diligent maintenance. A poorly-implemented or improperly-configured firewall can leave a company just as vulnerable as not having one at all.

At TPx, we’ve eliminated the challenges SMBs face in firewall implementation and maintenance with ITx for Firewalls – a powerful turnkey managed security service that provides an easily deployable and cost-effective firewall solution. This innovative service frees business owners, managers and even IT specialists from the worries of network security planning and firewall maintenance. With flexible hardware options and remote 24×7 device monitoring and management from our state-of-the-art Security Operations Center (SOC) in St. Louis, security and threat management becomes a lot less threatening.

With ITx for Firewalls, TPx customers can focus on building and running their businesses while our security team, led by former military intelligence and Department of Defense officials, handles all firmware updates and administrative configuration changes. And with a TPx-managed firewall, our customers also get the peace-of-mind of layered Unified Threat Management (UTM) services as well— all run from our cutting-edge SOC.

Traditional firewalls and routers often include a basic level of protection via packet inspection. However, packet inspection alone does not thwart malicious intent and threats. TPx believes that all of our managed firewall customers deserve an affordable security solution that offers levels of UTM in a single solution, guarding against threats by performing intrusion protections such as content filtering, application control and anti-virus – duties traditionally handled by multiple systems. Layered on top is a dedicated security team to manage the necessary firmware upgrades that keep the business’s protection up to date with the latest security policies. A managed firewall solution that combines threat protection with expert monitoring and management is an uncommonly powerful and economic solution for SMBs.

The technology landscape is changing, and so are the potential threats against businesses of all sizes. SMBs are particularly vulnerable as they face more attacks but have fewer resources available to protect their networks, operations and data. More than ever, they need innovative solutions that can protect their data and provide comprehensive security that’s both scalable and easy to manage. Managed firewalls – especially when backed by a comprehensive threat-management suite – can be a great equalizer for SMBs in a cyber-threat landscape that otherwise favors larger companies with significant IT and security resources.

It’s just common sense.

About the Author

Teri Lingley is a Sr. Product Manager for ITx Managed Services, specifically for TPx’s managed Software-Defined Wide Area Networking and security solutions. She has over 20 years of experience in managed network services and business continuity, ranging from enterprise sales to product management and development. Since the beginning of her career, her focus has been on bringing new technologies to market as managed solutions that enable business customers to keep focus on their business and not their networking. Teri is passionate about providing next-generation solutions that protect SMBs from threats, whether they be a natural disaster or the latest malware. Teri received her undergraduate degree and M.B.A. from Virginia Tech and resides in Dallas, TX.