Tips: Establishing A Firewall
The National Cyber Security Alliance offers suggestions and tips on establishing a firewall.
What Do Firewalls Do?
Firewalls provide protection against outside attackers by shielding your computer or network from malicious or unnecessary Internet traffic. Firewalls can be configured to block data from certain locations while allowing the relevant and necessary data through. They are especially important for users who rely on "always on" connections such as cable or DSL modems.
What Type Of Firewall Is Best?
Firewalls are offered in two forms: hardware (external) and software (internal). While both have their advantages and disadvantages, the decision to use a firewall is far more important than deciding which type you use.
- Hardware. Typically called network firewalls, these external devices are positioned between your computer or network and your cable or DSL modem. Many vendors and some ISPs offer devices called "routers" that also include firewall features. Hardware-based firewalls are particularly useful for protecting multiple computers but also offer a high degree of protection for a single computer. Hardware-based firewalls have the advantage of being separate devices running their own operating systems, so they provide an additional line of defense against attacks. Their major drawback is cost, but many products are available for less than $100 (and there are even some for less than $50).
- Software. Some operating systems include a built-in firewall. If yours does, consider enabling it to add another layer of protection even if you have an external firewall. If you don't have a built-in firewall, you can obtain a software firewall for relatively little or no cost from your local computer store, software vendors, or ISP. Although relying on a software firewall alone does provide some protection, realize that having the firewall on the same computer as the information you're trying to protect may hinder the firewall's ability to catch malicious traffic before it enters your system.
What Happens Without A Firewall?
With nothing in place to check information coming into and out of your network, you are totally reliant on each individual user to practice good e-mail and download habits to protect the network from viruses and worms. If you are using a high-speed Internet connection such as DSL or cable, you are also dependent on the other subscribers to your service. Without a firewall, potential attackers can quickly scrutinize each available computer on the network to locate vulnerabilities and attack.
Additional Steps
Get technical help to establish one or more firewalls for the network based on the configuration. Establish a security policy to be implemented by rules in the firewall that will define wanted and unwanted content within the network. Provide a process for adjusting the policy for approved exceptions. Educate employees as to the value of a centralized solution and establish a mechanism monitoring and changing the rule over time to meet new needs of the organization.