Security/Firewall

The first step in securing your environment from attack, infiltration, or worse is to provide a robust and cost appropriate firewall. Every network from the home-based computer to large enterprise infrastructure requires firewall protection.

What does a firewall do? It depends on the size and needs of your organization.

The simplest of firewalls used in residential or very small businesses block all traffic on the internet from getting in and directly attacking your client computers. This device keeps anyone outside from directly being able to connect to your computer and potentially causing harm. More advanced features allow certain types of traffic on specific ports to come in and be directed to specific machines on your network. They can also allow for rudimentary VPN or remote access capabilities. Makers of these types of firewalls include Netgear and Linksys by Cisco.

More advanced firewalls used in small to midsized businesses allow for analysis of traffic on the application layer. These firewalls use proxies for individial services like SMTP which allow you to define a myriad of security parameters to make the shared service more secure. Parameters which include blocking all email with a .exe extension for instance. This is done with a firewall of this type. Also, advanced firewalls allow for blocking not only incoming traffic but outgoing as well. Let's say that certain computers you do not want to access the web but need acces to email. You can do that. Also, more advanced firewalls can also be UTM devices standing for Unified Threat Management. These devices can double as spam blockers, virus scanners, and email encrypters as well as traditional firewall functions. These devices also have enhanced VPN capabilities including the ability to create VPN tunnels between locations. Makers of these type of firewalls include Watchguard, SonicWall, Astaro and many others.

The most advanced firewalls take all of these security aspects and make them more extensible to a large enterprise. Firewalls are typically very reliable, but they are physical devices which have a failure rate that is above zero. In a large enterpries where failure is unacceptible for any length of time, more advanced firewalls can be made to be redundant. In the case of a failure the firewall will simply fail over to another firewall that is sitting in standby mode. Downtime is reduced to near zero and a replacement firewall can be ordered configured and deployed at that time. Also firewalls of this stature allow for the most advanced and scalable VPN solutions where you may need to have hundreds of users working remotely. These solutions allow for the most scalable solutions for very large enterprieses. Makers of these type of firewalls include Cisco.