Cyberattacks: how to choose a firewall for your business?
Published on: 24 09 2018 | Modified on: 21 08 2019
A firewall protects corporate data from malware and external intrusions, and secures the installation of a company's applications. Consequently, it is an essential component of IT security. Here are a few tips to help you make the right choice.
IT risks affect SMEs just as much as they affect large groups. The rise of the Cloud and BYOD (Bring Your Own Device) paradigms means that new gaps for cybercriminals to exploit are constantly appearing. "And this risk also includes the IoT (Internet of Things). Nowadays, offices are full of smart devices, such as security cameras and temperature probes, which can easily be used by attackers. Not to mention smart household appliances (coffee machines, e-book readers, refrigerators, microwave ovens, etc.), which can also be used in attacks", says Marco Genovese, Product Manager at Stormshield.
The firewall, a (cyber) control tower
Firewalls remain an effective form of basic protection for today's IT environment. "As traditional network boundaries disappear, the firewall is no longer just the door that secures the house—it is more like an airport control tower. It makes it possible not only to check what's happening across the entire information system, but also to monitor and predict threats", says Marco Genovese.
And this predictive ability is vital in a world where requirements are becoming more and more dynamic. For example, a service implemented by a company today may eventually migrate into the cloud, and vice versa. This means it's important to choose flexible technology capable of meeting a variety of needs.
Questions to ask when choosing your firewall
The most important step is to plan ahead for your future needs: bandwidth, services to be outsourced, access to network resources for users not physically present on site, etc.
Next, it's important to ensure the reliability of the chosen technology. In Europe, national agencies (such as France's ANSSI) test and certify all security providers seeking to obtain an accreditation label. "These security visas indicate that these certified solutions are considered trustworthy, and therefore recommended for all companies", says Julien Paffumi, Product Management Leader at Stormshield.
The last step is to check the product's ease of use. "In this respect, the best approach is to adopt the principle of Ockham's razor: when faced with two technologies that do the same thing, the best one is the one that's the simplest and easiest to use", advises Marco Genovese.
- Filtering network traffic. "This is no easy task: today, every application protocol does its best to hide inside http or https traffic", says Marco Genovese.
- Providing secure access. "Regardless of whether infrastructure resources are located on site or in the cloud, or whether they are accessed on site or from a mobile location, the information flow must be kept confidential using secure methods of communication (encrypted tunnel).", warns Marco Genovese.
- Flagging up network problems. "Sometimes an administrator's own response time is insufficient, so you need to have an automatic system for quarantining potentially dangerous hosts", Marco Genovese adds.
- Correcting the network's natural tendency to age. A firewall may also be able to identify when a new vulnerability is affecting a network component and suggest a way to fix it.
When looking for the right firewall, you need to identify your company's security requirements and opt for flexible, reliable and easy-to-use technologies.