2019
THE COMPREHENSIVE GUIDE TO COMMERCIAL FIREWALLS
PART ONE: WHAT ARE FIREWALLS FOR?

Cybersecurity is not just another cost to be added to the corporate budget. It’s a valuable asset that protects your customers, employees, and partners from very real dangers. It plays a critical role in your organization’s public image. When done right, cybersecurity projects an image of competence and trustworthiness. In the wake of a large-scale cyberthreat, it can become a competitive advantage that lets you distinguish your organization from everyone else in the industry.

In order to be effective, your organization’s cybersecurity solution needs to be robust, multi-layered, and comprehensive. Every tool has to serve a specific purpose and to perform that task well. Most people are already familiar with these tools. Antivirus software, data encryption, and password managers are great examples.

There is one tool that almost everyone is aware of, but knows little about: the firewall. Microsoft has included firewall software in every version of its Windows operating system since 2003. Most consumer internet routers include basic firewall functionality. But neither Microsoft nor hardware router manufacturers go to great lengths to educate their customers about what firewalls actually do or why they are necessary pieces in the cybersecurity puzzle.

FIREWALL TECHNOLOGY EXPLAINED: WHAT A FIREWALL DOES

A firewall is an internet traffic filter that examines packets of data according to a set of rules. Think of internet traffic as road traffic – the firewall is the police roadblock checking every car’s license plate against a database looking for stolen or suspicious vehicles.

Whenever a packet of data enters your network, the firewall verifies its contents against the rules in its list and flags the packet as safe or suspicious. Firewalls can verify traffic in either direction and implement rules that apply according to users’ needs.

Network firewalls run inside dedicated hardware devices or inside routers and protect entire networks, while host firewalls (also called “personal” or “desktop” firewalls) run on individual devices. Both types of firewalls can apply different sets of rules to traffic flowing in different directions. This helps to identify and protect against cyberthreats, negligent users, and compromised in-network devices.

Firewalls protect sensitive data, provide network traffic visibility, and prevent unauthorized users from accessing private networks. But not all firewalls are equal – in fact, they differ radically in quality and capability.
WHAT FIREWALLS DON’T DO

So far, it’s clear that firewalls perform an important cybersecurity function. By inspecting packets of data according to specific rulesets, they can prevent unauthorized data transactions from taking place.

As a result, many Wi-Fi routers are already compromised before you even turn them on. The routers that ISPs give their customers are often not any safer. Those providers give out millions of routers a year, making them prime targets for cybercriminals.

The reasoning behind this is simple. Buyers want plug-and-play functionality – they don’t want to configure firewall rulesets in order to get email and YouTube working.

4 THREATS THAT BASIC FIREWALL TECHNOLOGY WON’T PROTECT YOU AGAINST

Since firewalls operate based on strictly defined rulesets, any data that appears genuine according to the ruleset will pass right through.

To explain how this works, expanding the roadblock analogy might be useful. Verifying vehicle license plates won’t tell the police if someone is smuggling contraband across the border in their own car.
There are many threats that basic firewall technology can’t detect or mitigate against:

Email Phishing - If a cybercriminal sends a spoofed email pretending to be from a trusted third-party service like Google, and an employee falls for it, your network firewall won’t protect you.

Compromised Passwords - If an employee sets an easy-to-guess password or makes the mistake of reusing it across sites, a cybercriminal can easily gain access through that vulnerable asset and use it to gain access to the network.

Insider Threats - Disgruntled employees are a pervasive security threat. Basic firewalls can’t stop someone who already has privileged access to your network.

Multi-stage Infiltration - What if a cybercriminal sends multiple data packets that are clean enough to pass your firewall on an individual basis, but that trigger malicious downloads from within the safety of your network? That’s exactly how sophisticated document-based security exploits work.

Certain types of firewalls can help play a role in mitigating these threats. IT administrators must be familiar with the different types of firewalls available in order to implement a comprehensive solution.

PART TWO: TYPES OF FIREWALLS AND THEIR APPLICATIONS

Firewalls offer a range of different cybersecurity functions, allowing rules based on ports, protocols, applications, websites, file types and more. Because firewall technologies differ from one another, organizations need to identify which firewall architectures best serve their particular needs. For large organizations with complex IT infrastructures, this will almost certainly mean using different types of firewalls for different devices and users.

5 TYPES OF FIREWALL ARCHITECTURES EXPLAINED

The vast majority of firewalls on the market today use one of the following five architectures. Each one serves specific purposes that IT decision-makers should be familiar with.

1. Packet-filtering Firewalls

The packet-filtering architecture is the oldest and most basic firewall technology. It consists of a single checkpoint where the firewall verifies incoming and outgoing data packets according to its ruleset.

Typically, it will look for the data packet’s origin, destination, type, port number, and other surface-level data. It does not open the data packet to inspect what kind of data it actually carries. It will quickly determine which packets are cleared to go through the system and drop the ones that fail its tests.

Stateless firewall technologies, on the other hand, do not keep track of transfer protocol states. These simpler firewalls examine every data packet on a one-by-one basis. This makes them susceptible to multi-stage infiltration in a way that stateful inspection firewalls are not.
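The contrast between per-packet (stateless) filtering and stateful inspection described above, as an added illustration that is not part of the original guide or of any vendor's product. The policy (outbound HTTPS allowed, inbound accepted when the source port is 443), the `Packet` fields and the sample addresses are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    outbound: bool   # True if the packet leaves the protected network

def stateless_allow(p: Packet) -> bool:
    """Judge one packet by its surface headers only, with no memory."""
    if p.outbound:
        return p.dport == 443      # hypothetical rule: users may browse HTTPS
    return p.sport == 443          # inbound: merely looks like an HTTPS reply

class StatefulFilter:
    """Same policy, but inbound traffic must match a flow opened from inside."""
    def __init__(self) -> None:
        self.flows = set()         # (src, sport, dst, dport) of outbound flows

    def allow(self, p: Packet) -> bool:
        if p.outbound:
            if p.dport != 443:
                return False
            self.flows.add((p.src, p.sport, p.dst, p.dport))
            return True
        # A genuine reply reverses the endpoints of a flow recorded earlier.
        return (p.dst, p.dport, p.src, p.sport) in self.flows

# Constructed sample traffic (RFC 5737 documentation addresses).
SAMPLE = [
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, outbound=True),   # request
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, outbound=False),  # its reply
    Packet("198.51.100.7", 443, "10.0.0.9", 50001, outbound=False),  # unsolicited
]

def compare(packets):
    """Return (stateless verdict, stateful verdict) for each packet in order."""
    stateful = StatefulFilter()
    return [(stateless_allow(p), stateful.allow(p)) for p in packets]

if __name__ == "__main__":
    for pkt, (sl, sf) in zip(SAMPLE, compare(SAMPLE)):
        print(f"{pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport}  "
              f"stateless={'pass' if sl else 'drop'} "
              f"stateful={'pass' if sf else 'drop'}")
```

The third packet matches the header rule but belongs to no connection opened from inside, so only the stateful filter drops it.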
Next-generation firewalls include solutions for mitigating security threats outside the traditional scope of firewalls. For instance, they can incorporate sophisticated threat detection algorithms for handling insider threats, email phishing, and multi-stage infiltrations. They can also provide more granular tools for controlling access to internet resources in the first place, such as blocking or tracking access to specific websites, applications, file types and more.

Modern organizations need to combine multiple firewall technologies into a unified solution that combines these architectures into efficient, customizable solutions. Multi-layered cybersecurity defenses ensure organizations strike the ideal balance between cost, performance, and network speed.
PART THREE: CHOOSING THE RIGHT FIREWALL FOR YOUR ORGANIZATION

Every organization has a unique risk profile. Government agencies and healthcare providers need to protect sensitive data from getting into the wrong hands. Schools and universities need to protect their networks from unsecured personal devices and their students from accessing illegal or inappropriate content.

Small and mid-sized businesses have a specific set of threats to worry about. Small businesses are particularly susceptible to data breaches, ransomware, and phishing schemes that could end up putting them out of business.

landscape, you must choose a solution that offers features suited to your particular organization’s risk profile.

A professional cybersecurity assessment can help identify how the following features may impact your business:

1. Flexible User Management

In any organization, different users will have different connectivity and privileged access needs. Their firewalls must reflect those needs and protect against the threats they are most likely to meet.

For some employers, this means protecting against email phishing and preventing fraudulent emails from ever reaching their inboxes. For others, it may mean setting certain ports to close themselves when not in use, or inspecting bandwidth usage in greater detail.
the privacy and security of their users’ data. Commercial organizations are not exempt from these guidelines either.

Even if small businesses aren’t compelled to comply with strict user data regulations like larger institutions are, they must take adequate measures to protect their customers and users. Kaspersky Labs estimates the average cost of a small business data breach at approximately $117,000.

FIREWALLS AND VPNS: PREVENT LOSS AND GENERATE VALUE

Many executives and small business owners see firewalls primarily as vehicles for loss prevention. By improving cybersecurity, they prevent expensive data breaches and ransomware attacks from disrupting core business processes. But firewalls are also value-generating assets when combined with virtual private network services (VPNs).

In today’s increasingly connected business environment, remote communication is an important value driver for small businesses and enterprises alike. Laptops, tablets, mobile phones, and other portable devices provide challenges to secure hardware network architecture.

Whether working with third-party vendors or keeping in touch with traveling employees, businesses need to enjoy the security benefits of firewalls beyond the regular confines of their established network. These users need to have access to secure company infrastructure even when using insecure public internet.

This is where VPNs come into play. Organizations that establish VPNs and use them with best-in-class firewall technology are able to enjoy robust security across the board, regardless of physical user location.

WHAT EXACTLY DO VPNS DO?

Computer networks are made up of the physical routers, switches, and infrastructure that enable communications between users and devices. VPNs extend this capability by creating secure, encrypted tunnels for traffic between point A and point B.

This allows businesses to extend their network infrastructure to remote employees and third-party vendors in a scalable way. VPNs establish encrypted communication protocols that keep private data away from prying eyes.

This allows your organization’s firewall to address one of the most important weaknesses of a purely hardware-based network. Public internet traffic is widely available for anyone to see – if incoming connections are not encrypted in a way that is compatible with your firewall architecture, then you have no way of adequately protecting your network from these external threats.
VPNs allow users to remotely connect with other offices through secure connections. At the same time, they encrypt and anonymize trusted internet traffic so that employees and partners have remote access to company infrastructure.

Combining a next-generation firewall solution with a cost-effective VPN allows you to establish a robust, scalable foundation for cybersecurity. It gives even small businesses the ability to operate with enterprise-level privacy and safety.

PART FOUR: NEXT-GENERATION FIREWALL TECHNOLOGY

Next-generation firewalls combine the best features of existing firewall architectures into a single, unified platform. They offer a cost-effective, all-in-one solution for small-to-medium businesses, public institutions, and enterprises that need scalable and flexible firewall implementations.

UNTANGLE NG FIREWALL

Untangle NG Firewall is a next-generation firewall that offers comprehensive content filtering and threat protection to small-to-medium businesses, distributed enterprises, and public institutions in a scalable way. It offers strict, rule-defined application control, bandwidth optimization, and secure Wi-Fi capabilities in a single easy-to-use product.

NG Firewall also includes a comprehensive suite of VPN solutions and a full-scale, cloud-based management suite, Command Center. Command Center gives organizations the ability to securely connect to their NG Firewall deployment from any browser, anywhere, and to efficiently administer security without having to invest in a costly on-site solution.

Intelligent Analysis and Reporting - Database-driven reporting allows administrators to leverage historical insights alongside real-time reporting. Using Untangle’s reports, administrators can create complete audit logs and identify opportunities to improve network speed configurations and enforcements.

Flexible Deployment Options - Organizations can deploy NG Firewall as a virtual machine, in the public cloud, as a turnkey appliance, or on third-party hardware with no effect on the solution’s efficacy. This makes it an ideal solution for small offices, geographically diverse school campuses, and large organizations alike.
This is where you will view alerts, verify threat triggers,
and audit security data for your entire network. Reports
include 30-day aggregate audit logs across various key
network details.

ABOUT US
©2019 Untangle, Inc. All rights reserved. Untangle and the Untangle logo are registered marks or trademarks
of Untangle, Inc. All other company or product names are the property of their respective owners.