In our last blog, “The 7 deadly sins of IT security” we discussed seven basic errors that can put your organisation at major risk. In this post we will explore the most common firewall failures and share some advice on how you can avoid them.

As security threats intensify and cyber criminals perfect their techniques, a reliable firewall solution is your first line of defence, shielding you from the malware and viruses bombarding your network every day.

Traditional firewalls as we know them serve two basic purposes: stopping the “the bad guys” getting unauthorised access to our network, and allowing the “the good guys” from our internal network to access resources on the Internet. Today’s “next generation firewalls” need to do a whole lot more to stay up to speed with attackers intent on mastering their insatiable bid to compromise systems.

There are a number of ways that your firewall can let you down. Here we look at the three most common reasons for firewall failures.

firewall 8

1. Misonfiguration

IT professionals spend a lot of time worrying about firewall flaws and vulnerabilities, but according to Gartner research, 95% of all firewall breaches are caused by misconfiguration, not flaws.

Firewalls are an essential part of your network security, and a misconfigured (or overly complex) firewall can damage your organisation in more ways than you think, leaving holes for cyber criminals to get through.

Many organisations don’t take time to define workflows when configuring their firewall. They mash different rules together and end up with a very broad policy configuration, leaving their network in a perpetually exposed state. Ensure that you carefully define your network policies and follow the principle of least privilege – giving the minimum level of privilege that the user or service needs to function normally.

2. Poor performance

The increasing number of devices and applications used in organisations today is constantly pushing the limits of network performance. You need to ensure that your security solution doesn’t become a bottleneck.

When your firewall becomes overloaded you experience high CPU usage, low throughput and slowing down of applications. As well as this, application performance may be seriously degraded. To alleviate these issues, you may want to think about upgrading your hardware (although this may not be an immediate option) or you might be forced to turn off some firewall features leaving opportunities for attackers. Some of the resource-intensive features include Intrusion Prevention Systems (IPS), which examine network traffic flows to detect and prevent vulnerabilities. Another added feature is application control, which allows you to easily monitor and manage social media application traffic.

3. Incompatibility

Older generation firewalls are outdated, and often incompatible with current technologies, such as IPv6 and cloud-based applications. They are therefore not capable of protecting against sophisticated threats. Organisations can no longer afford to neglect their perimeter security appliances.

Finally, when investing in a firewall it is important to make sure that integrates with other security protocols that you may be employing, such as email encryption, web filtering, wireless protection, and mobile access control and endpoint protection. A comprehensive reporting tool which will provide you with full visibility of real time traffic and allow you to trouble shoot incidents will also pay dividends in the long term.

Anatomy of a CryptoWall attack Webinar


Anatomy of a CryptoWall attack and how to keep your business safe

28th April, 1pm

In this webinar, Datapac and Sophos experts will go beyond the hype and headlines to take a deeper look at ransomware attacks. They will investigate how ransomware works, and analyse the tricks used by cyber criminals to make it so powerful. Finally, they will provide invaluable advice about how to coordinate your security defences, and keep your organisation safe from malicious hackers.

Learn more and register >>

register for upcoming events

Register for upcoming events

  • Datapac provides IT services to Glanbia
  • Datapac provides ICT infrastrure to Holfeld Plastics