Firewalls are network security devices that are used for monitoring traffic that is coming in or going out of a network. They either allow or block data traffic based on previously established security rules.
Basically, they act as barriers between an internal network and traffic coming from external sources. These external sources can include the public internet, viruses and hackers. In other words, they prevent any malicious traffic from coming through and allow only non-threatening traffic.
When a firewall is set up on a network, it analyzes all incoming traffic carefully. It guards the entry points of the network, which are typically called ports. These ports are where information exchange with other devices and networks happens.
Types of Firewalls
Firewalls can be software, hardware, or both. It is however best to have both. While the software is installed on every computer connected to the network, the hardware version is a physical device. It is installed between a network and its gateway. There are different types of firewalls and they are:
Packet-Filtering Firewall
These are the most common. They examine packets of data and bar them if they do not meet the established security rules. If they do, the firewall permits the packets as trusted.
Packet-filtering firewalls can either be stateful or stateless. Stateful ones are considered to be more secure because they remember information about any previously permitted packets. Stateless ones examine each packet on its own, one after the other, and this makes them easy for hackers to target.
Proxy Firewall
These filter traffic at an application level. They act as a sort of intermediary between two systems. A request sent by the client to the firewall will be evaluated based on the established rules. Proxy firewalls particularly monitor layer 7 traffic such as FTP and HTTP. They use deep packet and stateful inspection to detect any malicious traffic.
Next-generation Firewall (NGFW)
These combine the conventional technology of a firewall with other types of functionality. These functions can include inspecting encrypted traffic, working as an anti-virus or as an intrusion prevention system. NGFW includes deep packet inspection. This means that aside from checking the packet, they examine the data contained in it.
Stateful Multilayer Inspection (SMLI)
These kinds of firewalls filter packets on the network, application and transport layers and compare them against trusted packets. Just like NGFW, SMLI also examines the whole packet and will only permit it to go through if it passes each layer. They examine each packet to determine its state, hence their name.
Network Address Translation (NAT) Firewall
NATs allow several devices that have independent addresses to create an internet connection by making use of one IP address. This enables individual addresses to be hidden. Due to this, hackers will find it difficult to capture particular details making it quite secure.
Like proxy firewalls, NATs act as intermediaries between a collection of computers and any outside traffic. You can learn more about the types of firewall at https://www.javatpoint.com/types-of-firewall.
Setting Up Your Firewall
The importance of firewalls cannot be overemphasized, but how do you go about setting up yours? Most systems come with in-built firewalls and all you may need to do is enable and configure them. At other times, you may need to buy a physical device and install it. After doing this, you need to:
Secure it
Access to the firewall should be restricted to only trusted people. It should be secured by updating it regularly, deleting, disabling, or renaming default accounts as well as changing default passwords. When multiple admins need to manage the system, create additional accounts and limit privileges while tracking who does what. Avoid using shared accounts and limit where changes can be made to the system.
Plan Zones and IP Addresses
Identify your network assets and plan a structure based on needs, sensitivity and other factors. Use dedicated zones for sensitive traffic and data and limit traffic to these zones.
After designing a zone structure for the network, you should establish a corresponding IP address plan. Different IP addresses can be assigned to different zones and there should be a separation between the different networks. You can configure NAT to allow various devices to communicate internally over the internet as necessary.
Other things to do include:
- Configuring access control lists.
- Configuring various firewall services as well as logging.
- Testing the firewall and managing it by monitoring and maintaining it regularly.
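The zone plan, access control list and logging steps above, worked through as an added example that is not part of the original article. The zone names, address ranges, rules and log format are all constructed assumptions; the sketch checks that the zones do not overlap and evaluates traffic with first-match rules and a default deny.

```python
import ipaddress

# Constructed zone/IP plan (assumed addresses, not from the article).
ZONES = {
    "users":    ipaddress.ip_network("10.10.0.0/24"),
    "servers":  ipaddress.ip_network("10.20.0.0/24"),
    "payments": ipaddress.ip_network("10.30.0.0/24"),  # sensitive zone
}

# Ordered ACL: (source zone, destination zone, protocol, port, action).
ACL = [
    ("users",   "servers",  "tcp", 443,  "allow"),
    ("servers", "payments", "tcp", 5432, "allow"),
    ("users",   "payments", "any", None, "deny"),
]

def overlapping_zones(zones=ZONES):
    """Return pairs of zones whose address ranges overlap (should be empty)."""
    names = sorted(zones)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if zones[a].overlaps(zones[b])]

def zone_of(ip, zones=ZONES):
    """Map an address to its zone; anything outside the plan is 'external'."""
    addr = ipaddress.ip_address(ip)
    for name, net in zones.items():
        if addr in net:
            return name
    return "external"

def evaluate(src, dst, proto, port, log=None):
    """First matching rule wins; traffic matching no rule is denied."""
    sz, dz = zone_of(src), zone_of(dst)
    verdict, rule_no = "deny", None
    for i, (rs, rd, rproto, rport, action) in enumerate(ACL):
        if (rs, rd) == (sz, dz) and rproto in ("any", proto) and rport in (None, port):
            verdict, rule_no = action, i
            break
    if log is not None:
        # One line per decision, so testing and monitoring can review it later.
        log.append(f"{verdict} {sz}->{dz} {proto}/{port} rule={rule_no}")
    return verdict
```

Passing a list as `log` records every decision, including the default denies that match no rule.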
Rather than handling all of these by yourself, you can hire professional IT services to set up your system and monitor it. The advantage to this is that you will take the burden off your IT team. You can also be certain of getting a solid and secure system.
Conclusion
Protecting and restricting access to your network and data is an all-important part of your business. One way to do so is through the use of firewalls to prevent malicious and unwanted attacks. To ensure a secure system, it is best to engage security experts to handle this for you.