Posted on: June 7th, 2016 by Nicole Iovine

FirewallOrganizations around the world must combat the growing threat of drive-by cyber attacks. Firewall appliances are often configured as the first line of defense against malicious attacks, so buying and installing a firewall is usually the first step in securing your network.

Once your firewall is up and running, your IT team must properly configure the device so that critical services can trespass through the firewall while unwanted connections are explicitly denied. How can your organization implement a firewall management system? Let’s take a deeper look at the most powerful features of common firewall appliances.

Content Filtering

As you walk through the halls of your office, have you ever noticed an employee doing something other than their job? Perhaps you’ve caught them browsing the web, playing games, or watching streamed television.

Salary.com reports that 61% of employees who participated in a recent survey admitted to wasting between 30 minutes to an hour at work each day. Properly configuring content filtering options will take away the urge for employees to browse the internet on the company’s dime.

From an information security standpoint, organizations that house sensitive data should always have some sort of content filtering policy enabled. Without content filtering, the attack surface of your organization grows exponentially. Seemingly innocent websites such as MSN, Forbes, and others have unknowingly served malware to their visitors after a group of hackers compromised the advertising platform that was embedded into each of these websites.

Most firewalls give administrators the ability to pick and choose the categories of websites that can be displayed on company PCs. For example, if you blocked the email category, your users would not be able to login to email service providers such as Gmail, Office 365, or Yahoo Mail.

Intrusion Prevention

Most modern firewall appliances have an intrusion prevention feature baked into the platform that prevents known cyber attacks from happening on your network. Perhaps you have a public facing web server that clients use to transmit, fetch, or store data.

Servers facing the outside internet are frequently scanned by penetration testing scripts. If your servers are vulnerable, these pen testing scripts provide hackers with an easy method of compromising your server and causing harm to your network.

When you configure your firewall using intrusion prevention policies, your network can automatically deflect and defend against known cyber attacks. Intrusion prevention is typically an add-on service for many firewalls. Most firewalls will automatically reach out to the manufacturer’s database to grab definition files that are updated daily.

Port Blocking & IP Address Filtering

Ready to take control over the connection attempts into your network? Firewalls provide your IT team with the ability restrict both inbound and outbound network traffic. Administrators can easily block specific IP addresses by setting up a firewall rule. These rules can be granularized to only allow connections on specific ports.

For example, if you created a network address translation policy for a Windows based web server, you could open up ports 80 (http) and 443 (https) while blocking ports 3389 (Remote Desktop). These robust features provide administrators with the ability to keep harmful traffic out of their network while simultaneously providing legitimate traffic a prioritized route to the packet’s final destination.

Firewall Logs

The most overlooked feature in your firewall is the firewall logs. The easiest way to detect and prevent a cyber attack is meticulously evaluate the firewall logs.

If a malicious attack is launched against your network, your firewall logs will serve as the forensics evidencing the payload of the attack. Many firewalls can be setup to email alerts to administrators when specific events occur.

Many system administrators have automated the task of sifting through firewall logs. Sophisticated 3rd party tools are available to help your organization sift through all the logs your firewall devices generate. These apps can prove to be extremely helpful, should your organization consist of several firewalls networked together in a site-to-site VPN configuration.

Which Firewall is Right for You?

There really is no right or wrong answer as to which firewall is the best on the market today. While some enterprises choose to buy Cisco gear exclusively, competitors such as Palo Alto Networks, SonicWALL, and Juniper have emerged as major players within the firewall appliance industry.

If your business is rapidly growing, the first step in combating a cyber attack is to properly install and configure a firewall for your organization’s public facing network. Get familiar with the different features and functionalities of the various firewall appliances available on the market.

Some firewalls will provide advanced features such as the ability to block IPs by the country of origin, automatic detection of viruses, and built-in cyber attack mitigation. Consider these key factors when selecting the best firewall for your small business.

While we offer a variety of support plans for companies that require regular security and maintenance, we like to work closely with local businesses like yours to help develop their technology and grow their business however they see fit. Our level of involvement can evolve your business. Just give us a call at (833) 482-6435 or click the banner below to get the IT support you need now!

If you enjoyed this IT Support article, please check out other posts on our blog and join us on Facebook, Twitter, LinkedIn, and Google+ to see how else we can help your Greenville, SC or Atlanta, GA area business succeed!