Blog

What You Need to Know About Firewalls

Do you (still) need a firewall?

The short answer is yes, your business still needs a firewall at your office location(s) defined by JPMerc at any location where data is housed (beyond that which is on end user devices) and/or if two or more people work at that location regularly. While it’s true that a firewall alone is not sufficient to keep your business safe (see our “7 Steps to Protect Yourself from Data Breaches” article for the complete list of IT security must-haves), even in this age of distributed organizations and cloud computing, a firewall is still a critical piece of the puzzle.

What does a firewall do?

A firewall is essentially a gatekeeper. The firewall is typically a standalone appliance–a dedicated piece of hardware running specialized software for a narrow and specific purpose. The firewall sits between the LAN (local area network, i.e. everything inside the building) and the WAN (wide area network, i.e. the internet/everything outside the building).

All data traffic passing in and out must travel through the firewall to be sure it allowed to pass. Traffic that does not meet very specific criteria is blocked. A well-designed set of firewall rules running on a quality appliance will dramatically limit the prevalence of nefarious code to get in or out of the network, cutting down on the spread of malware and other malicious code, and reducing the risk of theft of intellectual property.

How do I choose a firewall? A proper firewall should be:
  • From a vendor who is considered a leader in the IT security space
  • Spec’d for the needs of the organization and the demographics of the location it is to protect
  • Actively monitored, managed, and maintained by a well-trained IT department
Intrusion detection and deep packet inspection

Further, be sure to choose a firewall that is capable of intrusion detection and deep packet inspection. Early firewalls and many rudimentary units that are still offered today simply allow or disallow types of traffic to and from specific locations. Intrusion detection and deep packet inspection services allow the firewall to consider the actual content of the data and block it when malware and other malicious code is present, or when someone or something is trying to break in.

Active monitoring and management

There is no such thing as set-it-and-forget-it when it comes to security. Firewalls must be properly configured, monitored, updated, and audited to be effective. This is a job for a well-trained, security-conscious IT team. Insist on periodic reports to your management team to ensure your business is properly protected.

Need help?

JPMerc & Co. offers low cost, no obligation IT assessments. We’ll identify your current IT risks and offer cost-effective solutions. The report and the knowledge gained is yours to keep with zero obligation and no hard-sell. To learn more, connect with us!