Importance of Firewall for a Business

Introduction

Without question, your network is more complex than ever before. Your employees are accessing any application they want, using work or personal devices. Oftentimes these applications span both personal and work-related usage, but the business and security risks are often ignored. New prospective employees are asking about application usage policies before accepting their new job.

Adding yet another layer of complexity is the underlying concern around the effectiveness of your cyber security posture. Is your business a target? Is it a question of when, as opposed to if? And are you as prepared as you could be? The complexity of your network and your security infrastructure may limit or slow your ability to respond to these and other cyber security challenges without a good firewall in place.

Fundamental Functions that your Firewall was designed to Execute

When increasing complexity limits or slows the decision-making process, it’s almost always helpful to “focus on the fundamentals” as a means of addressing the situation at hand more effectively. It is with this understanding that we remind ourselves of three fundamental functions that your firewall was designed to execute:

1. Operate as the core of your network security infrastructure.

2. Act as the access control point for all traffic—allowing or denying traffic into the network based on policy.

3. Eliminate the risk of the “unknown” by using a positive control model which simply states—allow what you want, all else is implicitly denied.

Over time, the fundamental functions your firewall executed have been nullified by the very traffic they were meant to control. Applications evolved to where the firewall, the core of your security infrastructure, has trouble exerting the levels of control you need to protect your digital assets.

Port hopping, use of non-standard ports and use of encryption are a few of the ways in which applications have become more accessible. These same techniques are also used by cyber attackers, both directly, in the cyber threats that they create, and indirectly, by hiding the threats within the application traffic itself. Further complicating the challenges that these modern applications introduce is the fact that your employees are probably using those applications to help get their jobs done.

Some of the applications and threats found on your network include:

  • Common end-user applications: These applications include social media, file sharing, video, instant messaging and email. Collectively they represent roughly 25 percent of the applications on your network and 20 percent of the bandwidth. Employees may use some of them for work purposes; others will be purely for personal use. These applications are often highly extensible and often include features that may introduce unwarranted risk. They represent both business and security risks, and your challenge will be how to strike an appropriate balance of blocking some and securely enabling others.

  • Core business applications: These are the applications that run your business; they house your most valued assets (e.g., databases, file and print services, directories). This group of applications is heavily targeted by cyber attackers using multi-faceted attacks, and your challenge is going to be how best to isolate and protect them from stealthy attacks that easily evade your firewall and IPS using common evasion techniques.

  • Infrastructure and custom applications: This group of applications represents core infrastructure applications like SSL, SSH and DNS as well as internally developed, custom or unknown applications. These applications are commonly used to mask command and control traffic generated by bots and other types of malware. Interestingly, many of these applications use a wide range of non-standard ports. Eighty-five of the 356 applications that use SSL never use port 443, nor do they use SSL-defined ports (37 hop ports, 28 use tcp/80, 20 use ports other than tcp/443).
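The gap between port-based control and application-based control described above, as an added example (not code from the original post): a port lookup is compared with a check of each flow's first bytes, and a positive control policy allows only listed application/port pairs. The flows, the `ALLOW` set and all function names are constructed for illustration.

```python
# Added illustration; flows, policy and names are constructed, not from a real product.
PORT_MAP = {22: "ssh", 80: "http", 443: "ssl"}

def classify_by_port(dst_port):
    """What a port-based firewall assumes the traffic is."""
    return PORT_MAP.get(dst_port, "unknown")

def classify_by_payload(data):
    """Identify the application from the first bytes the client sends."""
    # TLS record header: type 0x16 (handshake), version 0x03 0x00-0x04,
    # two length bytes, then handshake type 0x01 (ClientHello).
    if len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03 \
            and data[2] <= 0x04 and data[5] == 0x01:
        return "ssl"
    if data.startswith(b"SSH-"):
        return "ssh"
    if data.split(b" ", 1)[0] in (b"GET", b"HEAD", b"POST", b"PUT"):
        return "http"
    return "unknown"

# Positive control model: list what you want, everything else is denied.
ALLOW = {("ssl", 443), ("http", 80), ("ssh", 22)}

def decide(dst_port, data):
    """Allow only when the identified application is listed for that port."""
    app = classify_by_payload(data)
    return "allow" if (app, dst_port) in ALLOW else "deny"

TLS_HELLO = bytes([0x16, 0x03, 0x01, 0x00, 0x2F, 0x01, 0x00, 0x00, 0x2B])  # truncated
FLOWS = [  # (destination port, first client bytes), all constructed
    (443, TLS_HELLO),
    (80, TLS_HELLO),                       # SSL on tcp/80
    (8443, TLS_HELLO),                     # SSL on a non-standard port
    (80, b"GET / HTTP/1.1\r\n"),
    (443, b"\x00\x01\x02\x03\x04\x05"),    # unidentified bytes on tcp/443
]

def audit(flows):
    """Return (port-based label, payload-based label, decision) per flow."""
    return [(classify_by_port(p), classify_by_payload(d), decide(p, d))
            for p, d in flows]

if __name__ == "__main__":
    for row in audit(FLOWS):
        print("port says %-8s payload says %-8s -> %s" % row)
```

The second and fifth flows are the ones a port-only rule would pass: the port label says `http` or `ssl`, while the bytes on the wire say otherwise.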

Conclusion

There are two obvious reasons for this renewed focus on the fundamentals. First off, applications and the associated threats can easily slip by port-based firewalls as well as the additive threat prevention elements. Secondly, the firewall is the only place that sees all the traffic flowing across your network and it is still the most logical location to enforce access control policies. The value of this renewed focus is obvious: your security posture should improve, while the administrative effort associated with firewall management and incident response should shrink or, at a minimum, remain constant.

At easySERVICE Data Solutions we work closely with leading next-generation network security companies. We help companies benefit from their innovative platform to secure their networks by safely enabling the increasingly complex and rapidly growing number of applications running on their networks and by providing prevention against cyber threats.

We focus on building and designing the most appropriate infrastructure to meet the unique needs and characteristics of your individual business. If you’d like to discuss any of the above best practices or lessons learned with us or to learn more about how we are partnering with companies just like yours to ensure the availability of mission-critical applications, please contact us at (855) US STELLAR.


Information

This entry was posted on March 26, 2014 in Internet, Malware, Networking, Security, Server.