Cyberattacks: how to choose a firewall for your business?

Cyberattacks: how to choose a firewall for your business?

A firewall protects corporate data from malware and external intrusions, and secures the installation of a company's applications. Consequently, it is an essential component of IT security. Here are a few tips to help you make the right choice.

IT risks affect SMEs just as much as they affect large groups. The rise of the Cloud and BYOD (Bring Your Own Device) paradigms means that new gaps for cybercriminals to exploit are constantly appearing. "And this risk also includes the IoT (Internet of Things). Nowadays, offices are full of smart devices, such as security cameras and temperature probes, which can easily be used by attackers. Not to mention smart household appliances (coffee machines, e-book readers, refrigerators, microwave ovens, etc.), which can also be used in attacks", says Marco Genovese, Product Manager at Stormshield.

The firewall, a (cyber) control tower

Firewalls remain an effective form of basic protection for today's IT environment. "As traditional network boundaries disappear, the firewall is no longer just the door that secures the house—it is more like an airport control tower. It makes it possible not only to check what's happening across the entire information system, but also to monitor and predict threats", says Marco Genovese.

And this predictive ability is vital in a world where requirements are becoming more and more dynamic. For example, a service implemented by a company today may eventually migrate into the cloud, and vice versa. This means it's important to choose flexible technology capable of meeting a variety of needs.

Questions to ask when choosing your firewall

The most important step is to plan ahead for your future needs: bandwidth, services to be outsourced, access to network resources for users not physically present on site, etc.

Next, it's important to ensure the reliability of the chosen technology. In Europe, national agencies (such as France's ANSSI) test and certify all security providers seeking to obtain an accreditation label. "These security visas indicate that these certified solutions are considered trustworthy, and therefore recommended for all companies", says Julien Paffumi, Product Management Leader at Stormshield.

The last step is to check the product's ease of use. "In this respect, the best approach is to adopt the principle of Ockham's razor: when faced with two technologies that do the same thing, the best one is the one that's the simplest and easiest to use", advises Marco Genovese.

Firewall functions

  • Filtering network traffic. "This is no easy task: today, every application protocol does its best to hide inside http or https traffic", says Marco Genovese.
  • Providing secure access. "Regardless of whether infrastructure resources are located on site or in the cloud, or whether they are accessed on site or from a mobile location, the information flow must be kept confidential using secure methods of communication (encrypted tunnel).", warns Marco Genovese.
  • Flagging up network problems. "Sometimes an administrator's own response time is insufficient, so you need to have an automatic system for quarantining potentially dangerous hosts", Marco Genovese adds.
  • Correcting the network's natural tendency to age. A firewall may also be able to identify when a new vulnerability is affecting a network component and suggest a way to fix it.

When looking for the right firewall, you need to identify your company's security requirements and opt for flexible, reliable and easy-to-use technologies.

Share on

Our new-generation Stormshield Network Security UTM firewalls provide protection for very small to medium-sized businesses with their unmatched performance, scalability and continuity of service.
And for companies with multiple sites, our Stormshield Management Center solution makes it easy to monitor equipment by centralising all solutions (from equipment configuration to maintenance) in one place.

About the author

mm
Marco Genovese
Stormshield Network Security Product Manager, Stormshield

Marco Genovese was born in Asti, Italy, a town better known for its great wine than for IT infrastructures. After a non-profit experience aiming to bring the Internet to the people – in 1994 – Marco went to study Computer Science and later collaborated with various companies in the security sector. He joined Netasq in 2008 as an International Pre-sales and, after several years, decided to combine quality of life and access to IT infrastructures by moving to Paris. He has been Product Manager for Stormshield Network Security since November 2016.