Understanding Small Business Firewalls
Seclude Your Firewall software/hardware
- Always protect the firewall from direct attack. It is especially critical when it is a hardware firewall.
- It means you should not allow communication flow between your firewall and unauthorized sources.
Keep your OS updated.
You must keep the firewall operating system up to date with the latest software security patches.
Well-define your ‘rule base.’
- Follow the Keep it Simple, Stupid, or “KISS” Principle when designing your rule base.
- Be sure that any packet that reaches the firewall gets checked against the rule base.
- The rules appear in descending frequency of application with those most frequently used at the top. It saves processing time as the firewall will not need to match all firewall rules every time.
- It reduces the load on your firewall.
- Deny all suspicious requests that try to circumvent your firewall
Deny, deny, and deny.
- If you question the authenticity of any request, be sure to deny it.
- If you find that you have dismissed it in error or need it, you can always allow the blocked connection later.
Lockdown VPN access
Regularly run firewall vulnerability scans
- Set up a practice of testing and auditing your firewall for vulnerabilities.
- It will help you update your firewall protection as and when required.
If under attack, Block an entire country
Nation-state actors often perpetrate hacks, and it is wise to have a way to block all attacks from a specific country easily.
Monitor all user access to firewall settings
Corporate networks commonly use joint firewalls to provide the first line of defense to the network. Still, the network owner must keep in check who has access to the firewall’s settings and what type of access it is. It is not prudent to allow someone to change the configuration to make them vulnerable intentionally or unintentionally.