In today’s article, I will discuss the importance of properly configuring a network firewall. A common misconception with network firewalls is that they are simply “plug and play” devices. This, however, is not the case. Simply plugging in the network firewall and connecting it to your subnet may get you some very limited basic protection, but to use the network firewall to its full potential you must properly configure it and regularly update and maintain it.
This article will discuss the basic technology of network firewalls while drawing a comparison between a VCR and network firewall regarding programing the firewall to its full potential..
To draw a comparison, a VCR plays video cassette tapes on your television and basic functionality of a VCR can be acquired by simply just plugging the VCR in the power outlet and the RCA connectors of your television. This will allow you to play videos, however you are not achieving the full functionality of the VCR. What if you want the VCR to display the time, or to record your favorite television show? Well now you must program the VCR, and if you don’t have the technical skills to program the VCR you would call a VCR technician.
A network firewall, just like a VCR, also needs to be programmed to provide full functionality. This will require an understanding of the fundamentals of the Transmission Control Protocol (TCP) and Internet Protocol (IP) networks and protocols. TCP/IP being the backbone of network communication via the worldwide internet as well as internal company intranets and air gapped networks. Now, if this sounds to technical for you, then its best for you to call an information systems or network technician.
Such technologies that may need to be configured include access control lists (ACL), static routing, intrusion detection and prevention systems (IDS & IPS), network logging, signature-based malware analysis and traffic filtering to name a few examples.
Network firewalls also need to be regularly updated (this is important for signature-based malware analysis that detects new threats). Furthermore, ACLs need to be regularly updated If the company or organization has ACL configured and is relying on virtual private networks (VPN) to establish a remote encrypted connection to a company’s internal intranet via the internet. (an ACL is like a bouncer at a nightclub, an ACL decides who gets in, and who doesn’t)
Case point, if a technician simply plugs in a network firewall and applies basic subnet settings but does not configure an ACL or static route then remote workers may start experiencing issues like establishing a VPN connection remotely to their workplace. Or if an ACL is not configured at all, the company or organization is potentially at risk of cyberattack from anywhere on the planet.
Routinely collecting and monitoring IDS records is also important as well, (think of an IDS as a traffic security camera) IDS records can be used for forensic analysis of a previous or ongoing cyberattack and network-based signatures of that cyberattack can then be created from those IDS records and be included in future IPS rulesets to prevent future attacks (think of an IPS as a traffic controller holding a stop sign)
Shane’s Computing and Networking can assist our clients by carrying out regular audits of your network firewall and providing updates and implementing access control, giving your company or organization greater control over who can access your private local area network.
Our head technician, Shane Currie can provide your company with detailed reports regarding the current configuration and state of your network firewall with recommendations and actionable insights on how you can strengthen your network firewall to keep the bad guys out while allowing streamlined accessibility to approved networks and users.
In conclusion, just like a VCR, a network firewall needs to be properly configured to reach its full potential. Yes, if you just plug in a network firewall and simply join it to the subnet you will be getting some basic functionality however by properly configuring the network firewall the security device will be able to reach its full potential and greatly reduce the risks associated with poorly configured network firewalls and cybercrime.
Give Shanes Computing and Networking a call today and we can make sure that your network firewall is properly armed to protect your digital assets.