Understanding Small Business Firewalls

Hi. Craig Peterson here.
 
Hackers are more active today than they ever have been, so we’re going to take a quick blink at Understanding Firewalls for your Small Business or Home.
 
When your computer is accessible through an internet connection, whether at home, on the road, or at the office — it is susceptible to attack. However, you can restrict outside access to your computer—and the information on it—with a firewall.
 
Firewalls can be either based on hardware or software. Both Windows and Apple computers have built-in firewalls, but they need some tuning to fully protect you.
 
Next-generation firewalls take the concept of blocking internet address and ports to the next step. A next-generation firewall can monitor all of the data going through it. They can detect intrusions, data leaks, and hackers. And the most advanced Next Generation Firewalls can stop malware and hackers in real-time. Right when the attack is underway.
 
Though properly configured firewalls may block some attacks, beware of a false sense of security. Firewalls do not guarantee that your computer will not be attacked, nor that it cannot be infected. Basic Firewalls help protect against malicious traffic, not against malicious programs, and may not protect you if you accidentally install or run malware on your computer.
 
With today’s threats, we need to used Layered Advanced Malware Protection to get on an even footing.
 
 

Seclude Your Firewall software/hardware

  1. Always protect the firewall from direct attack. It is especially critical when it is a hardware firewall. 
  2. It means you should not allow communication flow between your firewall and unauthorized sources.

Keep your OS updated.

You must keep the firewall operating system up to date with the latest software security patches. 

Well-define your ‘rule base.’

  1. Follow the Keep it Simple, Stupid, or “KISS” Principle when designing your rule base. 
  2. Be sure that any packet that reaches the firewall gets checked against the rule base. 
  3. The rules appear in descending frequency of application with those most frequently used at the top. It saves processing time as the firewall will not need to match all firewall rules every time. 
  4. It reduces the load on your firewall.
  5. Deny all suspicious requests that try to circumvent your firewall

Deny, deny, and deny. 

  1. If you question the authenticity of any request, be sure to deny it. 
  2. If you find that you have dismissed it in error or need it, you can always allow the blocked connection later.

Lockdown VPN access

Regularly run firewall vulnerability scans

  1. Set up a practice of testing and auditing your firewall for vulnerabilities. 
  2. It will help you update your firewall protection as and when required.

If under attack, Block an entire country

Nation-state actors often perpetrate hacks, and it is wise to have a way to block all attacks from a specific country easily.

Monitor all user access to firewall settings

Corporate networks commonly use joint firewalls to provide the first line of defense to the network. Still, the network owner must keep in check who has access to the firewall’s settings and what type of access it is. It is not prudent to allow someone to change the configuration to make them vulnerable intentionally or unintentionally.